On December 11, International Data Corporation (IDC) hosted the IDC FutureScape: Worldwide Security 2015 Predictions Web conference. The session provided organizations with insight and perspective on long-term industry trends along with new themes that may be on the horizon. The Predictions Web conference series and accompanying IDC FutureScape reports are designed to help company leaders capitalize on emerging market opportunities and plan for future growth.
IT is an indispensable component of the business process, especially with the adoption of the 3rd Platform,” said Charles Kolodgy, IDC Research Vice President, Security Products. “The IT infrastructure is under constant attack from a variety of players from mischief-makers to nation states and everyone in between. The cybercrime environment is most interested in committing financial fraud, data theft, corporate espionage, and disruption or destruction of infrastructure and processes. Enterprises and organizations are engaged in a constant arms race with the attacking elements and generally the perception is that the offense is winning. IDC believes that IT security decisions should be made with a better understanding of the existing trends and opportunities. IDC’s security research team has identified ten strategic security decision imperatives enterprises must address over the next several years. The decision imperatives are all designed to move enterprise security from being relative towards being proactive.
The predictions from the IDC FutureScape for Security are:
- Risk-Based Budgeting – By 2016, 25% of large enterprises will make security-related spending decisions based on analytical determinations of risk.
- Biometric Identification – Mobile devices have biometric capabilities and in 2015 we expect that 15% of those devices will be accessed biometrically, and that number will grow to 50% by 2020.
- Threat Intelligence – By 2017, 75% of large enterprises will receive custom threat intelligence information tailored to their industry, company, brand, and environment.
- Data Encryption – By the end of 2015, 20% of proprietary data in the cloud will be encrypted. By 2018, that will quickly rise to 80%.
- Security SaaS – Enterprises will be utilizing security software as a service (SaaS) in a greater share of their security spending. By the end of 2015, 15% of all security will be delivered via SaaS or be hosted and by 2018 over 33% will be.
- User Management – By 2016, multi-factor authentication will be the primary method of access control used by 20% of enterprises for highly privileged or otherwise sensitive accounts.
- Hardening Endpoints – By 2017, 90% of an enterprise’s endpoints will utilize some form of hardware protection to ensure that endpoint integrity is maintained.
- Security as a Feature – Security features are rapidly being embedded into business applications. By 2018, 25% of security applications that were previously purchased independently will be incorporated directly into business applications.
- Software Security — By the end of 2015, 10% of all enterprise commercial Web sites and mobile applications will have been scanned for vulnerabilities and by 2018 40% will be scanned regularly.
- Executive Visibility – By 2018, fully 75% of chief security officers (CSO) and chief information security officers (CISOs) will report directly to the CEO, not the CIO.