The future is here again
Consumer behaviour will dictate enterprise technology decisions on a greater scale, particularly in payment and retail environments. As industry seeks to transform, security suppliers will need to rethink software and services. Expect to see more vendors, especially those serving the enterprise level, make a bigger play for this market - some perhaps from outside what we think of as the security sector. If security IS the business, why do the solutions need to come from traditional security players? Your IoT app should have security baked in.
There will remain a dearth of suppliers have really thought about how IoT and digital can be secured beyond adapting their existing product lines or engaging the CMO to rebrand them. Intel is going big on IoT but to date has shown little interest in tying its (McAfee) security offering with its promotion of IoT in general. This is baffling.
There are a number of smaller vendors that may become bigger names as IoT security develops over 2016 and beyond. A UK based industry body for IoT security companies and researchers has been established. It's backed by Vodafone, itself looking to build what it, and its rivals, see as an advantage in secure IoT and digital infrastructures - a superfast, reliable digital backbone (which could finally see the death of copper - here's hoping). Intel is working on 5G as fast as anyone, according to its latest analyst briefings, but we are still at least five years away from rollout.
The pool of startups is deep and getting deeper. Some start up vendors to watch in 2016 are: Digital Shadows, Sqrrl and recorded future (great name). There are many more, mostly in the US, and PE and angel cash is heading that way, as fast as you can say Fintech.
What’s clear is that IoT presents such a challenge in terms of increased data flows, multiple endpoints and sensors in the billions, that existing solutions will not provide protection. We will need to mine this tranche of security start ups.
Identity and access management (IAM) will assume a new importance as end points multiply, Shadow IT increases in volume and, of course, IoT will add non-human identities into the mix as M2M multiplies. IAM innovation is urgently needed in 2016 - will we see it?
Overall I see a consolidation of effort by the big players - Symantec, Sophos, HPE, IBM, Dell and the rest to meet the twin challenges of IoT and digital - but will customers respond? Words must be matched by products and services.
There will of course be more attacks, and the EU Privacy regulations might finally roll out with resultant impact on compliance and regulatory obligations. Probably more lucrative work for the Big Four here. But also for everyone else. If you can help a company to not lose its data in the first place, you will keep it out of the EU’s bad books. And the front pages, which is half the battle in managing cyber attacks.
Finally, everyone from IBM down will be talking about next-generation security. Certainly there is a next generation of security needs and challenges but as yet I see little in the way of actual next generation software and services being delivered in 2016. But unlike many predictors, I’m happy to be proved wrong on this one!