I would propose that security has always been a concern with IT systems. It may very well have been easier to control before everything started to connect with virtually everything else; however, the last few years have seen a proliferation of threats including some new issues – be that ransomware, cryptocurrency malware, concerns around IoT and even exploits on Apple devices.
Diaxion does not believe this will change much over the next decade. Experts seem to agree that there is a current and future lack of cybersecurity professionals, which will require new approaches to security. One example of a different approach has seen the integration of security within development as part of DevOps over recent years, where security is no longer reliant on a security team, but becomes – or should become – everyone’s business.
Another approach is to pool resources. For example, vendors can provide the capability to send back threat information “back to base” for further analysis, which then can benefit all users of their solution. Another vendor now has opened their threat information database to competitors, as they believe that security threats need to be opposed jointly, not as a disparate field of competing vendors.
With a continuing emergence of IoT devices and an expected proliferation of AI, there will be a number of new threats and attack vectors. While not immediately cybersecurity, “deepfakes” is a new development, which takes phishing to the next level. One does not want to investigate state-sponsored activity too much, as this can quickly move into the realm of a bad science fiction novel with their use of AI. Different countries will employ different approaches: from a collection of random volunteers to a rather systematic approach (not dissimilar to a university course including exams).
Security will continue to be an ongoing battle, where the “other side” will make use of all resources available to them.
Some of the challenges are:
1.Constantly evolving and changing threat landscape with an ever increasing sophistication and number of threats.
2.Increasing complexity of environments, e.g. hybrid environments, BYOD, IoT, remote working, etc.
3.Complexity in managing security: number of tools, policies, vendors; with
4.Limited resources to manage and monitor
To combat this successfully, companies at a minimum need to:
1.Patch consistently and regularly. There is no excuse to have unpatched systems, as this can be automated with good planning.
2.Use multi-factor authentication, as passwords will not be sufficient and biometrics have their own set of weaknesses.
3.Use antivirus tools (gateway and end-user devices) and a layered response as proposed by security vendors.
4.Automate security detection and response as much as possible, as a high number of false positives is unmanageable and risks an actual breach going unnoticed.
5.Accept that people will do the wrong thing like clicking on the obviously fake link – no amount of education can and will entirely prevent this.
6.Have a robust framework of security policies.
Finally, companies will need to have plans in place, how to respond to a security breach.