Gaze into Splunk’s Crystal Ball for What’s to Come in 2017
Last year, a team of Splunkers came up with several predictions for what 2016 would bring in the fields of IT, security, and big data. This year we’ve done it again, looking into our crystal ball (or industry experience) to share our prophecies for 2017.
But first, let’s look back at some of the hits and misses of what we predicted for 2016.
Behavioral analysis will shift from an emphasis on user credentials to machine-to-machine credentials.
Haiyan Song, our SVP of security markets, predicted that “anomaly detection will become less about analyzing users or entities and more about leveraging machine learning and data science.” While there’s still a way to go, this has begun to come true: As Financial Executives International Daily noted a few weeks ago, more and more third-party cyber threat intelligence services are springing up to help automate the process of identifying unusual behavior and suspicious activity. Identifying these anomalies quickly triggers faster alerts and cuts down on the time before intruders are caught.
But applying machine learning to assessing user behavior has continued to grow. For example, CIO recently reported on how the National Security Agency detects threats with this method of behavior analytics. Machine learning recognizes typical user behavior patterns, so that, for instance, when a credentialed user accesses the network at an unusual time or from an unusual geographic location, the activity is flagged as suspicious. The same CIO piece quotes Gartner analyst Avivah Litan, who notes that these behavioral analytics are becoming more popular among enterprises.
The explosion of personally identifiable information (PII) in the public sphere will lead to new means to improve identity authentication.
Haiyan also predicted that “Rather than multi-factored authentication, there will be a push to get away from methods such as passwords and authentication will become sophisticated but also easy to use.” Unfortunately, this has yet to come to fruition. The most sophisticated authentication widely available continues to be methods like two-factor authentication. Meanwhile, security breaches were a major theme of the year: Yahoo announced two separate hacks that spanned 1.5 billion user accounts, and users’ data was also compromised on Dropbox, DailyMotion, and Fitbit.
Enterprise DevOps will grow rapidly among businesses.
Rick Fitz, our SVP of IT markets, hypothesized, “In 2016 we will see rapid acceleration of DevOps with 50 percent or more of large businesses finally adopting Enterprise DevOps — a pragmatic, scalable approach to adopting the culture, process and technology changes at the heart of DevOps.” While no formal surveys have been done, it’s clear that Enterprise DevOps is indeed growing rapidly. Computer Weekly notes that major brands like ING Bank, Disney, and Barclays Bank all made Enterprise DevOps a major priority in 2016. Plus, the first annual DevOps Enterprise Summit was held in London in June.
Machine learning will drastically reduce the time spent analyzing and escalating events among organizations.
Our CTO Snehal Antani observed last year that, “Today’s operations centers struggle with an extremely high volume of events coming in requiring human analysis, which is unsustainable… Enterprises will transition from investigating and exploring big data possibilities to becoming laser-focused on business outcomes.” This has been true — with mixed results. Take a look at Facebook’s challenges with its “Trending News” section. In August, Facebook transitioned to having this constantly updated stream of major conversation topics curated entirely by algorithms. By October, it became clear that the lack of human oversight led to several untrue stories “trending” as real news. While this is just one example, it proves a larger point: We still need to find a middle ground between the convenience of automation and the sensitivity of human intervention.