5. Cloud will get a security makeover. Security has remained one of the greatest barriers preventing cloud computing from reaching its full potential. Last month, the Singapore government launched what has been dubbed the Multi-Tier Cloud Security Standard for Singapore (MTCS) to provide greater clarity on levels of security offered by cloud services providers, which it hopes will build confidence in cloud adoption. In addition to this, innovations in network virtualisation are enabling automation and transparent network insertion of next-generation security services into the cloud. In 2014, next-generation network security and network virtualisation will come together to form a new paradigm for cloud security.
6. There will be a heightened need for better intelligence and sharing on cyber threats. The new era of network security is based on automated processes and building as much intelligence as possible into network security software. This is especially important in industries such as government, education and healthcare, in which there are staffing shortages. Limited staff need maximum resources including security tools that give them the most visibility into their network traffic and don't sacrifice business productivity.
7. The demand for cybersecurity and incident response (IR) skills will reach new highs. As more advanced threats have become commonplace, the demands on existing IR teams have begun to outstrip capacity, especially in enterprises and government entities. In Singapore, Temasek Polytechnic and the Singapore IT Security Authority (SITSA) has announced plans to set up an Advanced CyberSecurity Training Facility next year to provide students with hands-on cybersecurity training. It's our belief that in 2014, computer science programs will continue to adapt to this trend with more focused training in cybersecurity disciplines.
8. Security will meet reliability as attacks target control systems. Companies may be able to apply tight network security to data centres and the information they manage. But if they're not doing the same for certain data centre support systems such as HVAC, cooling and other automated systems that help power, clean and maintain a data centre, they're leaving the whole data centre vulnerable. Data centres are required to meet the highest levels of reliability which cannot be achieved unless all of its components, from uplinks and storage to chillers and HVAC systems, are fully fault tolerant and protected from vulnerability and cyberattacks. These types of attacks, in which smart hackers target the weakest parts of a data centre support infrastructure, will continue.
9. Organisations will exert more control over remote access tools. The revelations of how commonly remote access tools such as RDP, SSH and TeamViewer are used to attack networks will force organisations to exert greater control over these tools. These applications provide support and development teams with powerful tools to simplify their jobs but they are used commonly by attackers. Employees also use these tools to mask what they're doing on the corporate network as a means of protecting privacy. Browser plugins such as Remote Desktop and uProxy for Google Chrome will make these tools more accessible and increase the challenge of controlling their use on the corporate network. User privacy is critically important, but users also need to understand that these applications can jeopardise the business. The challenge will be how organisations can best implement controls without limiting productivity.
Sign up for CIO Asia eNewsletters.