You think you have your hands full as an IT pro now? Just wait until blockchain, IoT, augmented and virtual reality, and these other technologies really start to take hold in 2017.
The Internet of Things – for real
Yes, yes, we know – it’s one of those long-standing tech industry jokes, like “the year of the Linux desktop” and “Java security.” But 2017 really could be the year that all the hub-bub and hype around the Internet of Things comes home to roost.
The basic concept of connected devices – broadly, things that haven’t historically been connected to the internet suddenly being connected to the internet – is nothing new. The uses to which the technology is now being put, however – smart cars, smart homes, and dramatically simplified industrial management – are potentially groundbreaking in a very “the future is here” sense.
+ ALSO ON NETWORK WORLD Internet of Things poised to transform cities +
The main problem is security, as it has been since people started thinking about IoT as a concept. There aren’t many commonly accepted standards for IoT devices – though there’s no lack of candidates – and vendors don’t seem to work as hard to make connected devices secure as they do on more traditional endpoints, like laptops and smartphones.
That has big implications for security. Even if a hacked IoT device doesn’t represent much of a threat on its own, it’s simple enough to incorporate it into a vast botnet, which is exactly what the attackers behind the Mirai botnet have been up to lately, exploiting DVRs, surveillance cameras and other poorly secured IoT devices and making them into a zombie army able to hamstring internet access across the U.S. by attacking domain registration service provider Dyn.
It’s a big challenge, according to analyst and Network World contributor Zeus Kerravala.
“[IoT security] requires strengthened network access controls, including real-time application control and visibility, IoT-supported, secure-authentication methods such as PPSK, granular device policy enforcement at the edge, and centralized reporting and monitoring tools,” he said, in commenting on a new IoT security offering from Aerohive Networks.
Forrester Research thinks more than half a million IoT devices will be compromised in 2017, which underlines the extreme importance of security. One way or another, IoT will shake up computing in 2017 – either as a key underpinning of a host of new technologies, or the venue for further devastating cyberattacks.
By Jon Gold
Augmented reality and virtual reality will take off
When the iPad was introduced in 2010, rarely would you see them in the wild—never mind being used for business. Now, iPads and tablets are everywhere. Their use exploded.
Prepare for the same thing to happen with virtual reality (VR) and augmented reality (AR)—with tablets and smartphones as the vehicle. According to IDC, 25% of enterprise IT organizations will be testing augmented reality business applications for use on smartphones by the end of 2017.
“This may sound relatively aggressive, but the conversations I’m having with the industry and some surveys that we’ve run talking to IT decision makers show that there’s a really strong interest around augmented reality,” said Tom Mainelli, program vice president of the devices & AR/VR group at IDC, during a recent webinar, IDC Futurescape: Worldwide Wearables and AR/VR 2017 Predictions.
The end game is head-worn AR hardware, such as the Microsoft HoloLens, he said. But for a lot of enterprises, they are going to begin creating apps and back-end processes on devices that consumers and businesses already own.
Pokémon Go gave us a taste of AR, and we’ve seen retailers using AR technology. Walgreens and Toys R Us use an app called Aisle411 that guides customers to products with the store. North Face provides 360-degree videos of outdoor experiences using Oculus Rift in which the actors wear North Face clothing. Audi has a virtual experience that allows you to take virtual test drive and to virtually see features and options on their cars. And Ashley Furniture will soon have an AR app that helps shoppers see how home furnishings fit into an existing space.
As smartphone technology improves, we will see much better AR experiences, Mainelli said. The first product working toward that is the Lenovo Phab 2 Pro, which is based on Google’s Tango technology. It uses three cameras and multiple sensors to see where it is and capture a wide range of measurements to create an enhanced AR experience, he said.
Other AR and VR predictions from IDC:
- In 2017, retail industry spending on AR/VR hardware, software and services will increase by 145% to more than $1 billion.
- Three out of 10 consumer-facing Fortune 5000 companies will experiment with AR or VR as part of their marketing efforts in 2017.
- By 2019, 10% of all web-based meetings will include an AR component driving disruption of the $3 billion web conferencing market.
“I really believe augmented reality is going to have the same type of impact on businesses as the PC did all those years ago,” Mainelli said. “And once developers start to figure out what they can do with this technology, business is going to change pretty dramatically. … Eventually we will end up at a place where augmented reality really is the new way that we interface with devices, digital content, physical objects and with data.”
By Michelle Davidson
Triple A protection coming to world of cybersecurity
It may be a brave new world in 2017 but it’s also a damn scary one for IT security professionals.
Just take a look at some recent Gartner assessments of the security situation:
- By 2020, 60% of digital businesses will suffer major service failures, due to the inability of IT security teams to manage digital risk.
- By 2020, 60% of enterprise information security budgets will be allocated for rapid detection and response approaches, which is an increase from less than 30% in 2016.
- By 2018, 25% of corporate data traffic will flow directly from mobile devices to the cloud, bypassing enterprise security controls.
- Through 2018, over 50% of IoT device manufacturers will not be able to address threats because of weak authentication practices.
So what technologies are going to change this scenario back in favor of IT? The new security AAA — automation, analytics and artificial intelligence — say proponents.
When it comes to automation, security platforms will devise and execute controls based on newly detected threats and do it without human intervention. That reduces the time between a compromise and the time the threat is neutralized – reducing the window during which attackers can do damage.
+More on Network World: 20 years ago: Hot sci/tech images from 1996+
Security analytics engines digest data from network gear and endpoints in search of anomalies that indicate threats. By setting a baseline for normal, these engines spot out of the ordinary behaviors and assess whether they represent malicious activity.
By incorporating AI and machine learning this technology will expand its ability to detect anomalies not only in network traffic, but in the behavior of individual machines, users, and combinations of users on particular machines.
As these platforms become more sophisticated and trusted in 2017, they will be able to spot attacks in earlier stages and stop them before they become active breaches.
And the big guns are all involved in making this happen: Cisco with its Tetration Analytics platform, IBM with Watson cognitive computing for cybersecurity; Google/Alphabet with DeepMind lab to name just a few.
+ Network World: Cisco: Potent ransomware is targeting the enterprise at a scary rate+
Cisco’s Tetration Analytics product is a turnkey package that gathers information from hardware and software sensors and analyzes the information using big data analytics and machine learning. In the security realm the system sets a baseline for normal network and application behavior and quickly identifies any deviation in communication patterns in real time or uses Tetration’s forensics search engine to look for other security or user behavior analytics.
“The single most important things customers can do to protect the data center is set up a whitelist of who has access to what, but it is one of the most difficult tasks to implement,” said Tom Edsall, a senior vice president and CTO with Cisco. “Tetration lets users set up a white list model and policies more quickly and efficiently than they could before.” This capability will address key cybersecurity challenges and move toward the “self-driving data center” of the future, he said.
Cisco promises many new security-related applications will be layered onto Tetration.
Then we have IBM’s Watson supercomputer, which is being unleashed in corporate networks to analyze traffic in search of malware, but also learning at the same time via its own experiences and by taking in white papers, threat intelligence and news about cybercrime. So over time, Watson will develop new strategies for finding attacks as they unfold. The Watson for Cybersecurity project is in beta now and likely sometime in 2017 could become a full-fledged cybersecurity service.
+More on Network World: IBM warns of rising VoIP cyber-attacks+
Separately, there is governmental research underway that could impact the cybersecurity world this year as well. For example, Intelligence Advanced Research Projects Activity, the radical research arm of the of the Office of the Director of National Intelligence, wants to build a system of what it calls sensors that can monitor everything from search terms to social media output to look for early warning signs of cyberattacks.
“Cyber-attacks evolve in a phased approach. Detection typically occurs in the later phases of an attack, and analysis often occurs post-mortem to investigate and discover indicators from earlier phases. Observations of earlier attack phases, such as target reconnaissance, planning, and delivery, may enable warning of significant cyber events prior to their most damaging phases,” IARPA wrote in announcing its Cyberattack Automated Unconventional Sensor Environment (CAUSE) program.
“It is expected that the technology developed under the CAUSE Program will have no ‘human in the loop.’ Experts may help develop, train, and improve the solution systems, but they will not manually generate warnings, guide the system, or filter warnings before they are delivered to the [IARPA] Team. The performer produced warnings must be machine-generated and submitted automatically…,” IARPA wrote of the system.
By Michael Cooney