As the cyber attack threat landscape becomes more sophisticated, the year 2020 is likely to pose significant challenges and opportunities, said Greg Day, VP & CSO, EMEA at Palo Alto Networks.
In his opinion, Artificial Intelligence (AI), which has been making significant inroads into every aspect of society, will continue to impact 2020 as well, but in a different way, by helping to streamline cyber security processes.
“SOAR (security orchestration, automation, and response) is just one example – using AI to gather the human knowledge held by cybersecurity staff through NLP and allowing it to be reusable across the rest of the team,” said Day. “This approach provides the building blocks for automating what are typically high-volume, simple, repetitive tasks that no security expert likes doing. It will also help ensure that the right people with the right knowledge are engaged on any given project, to best navigate cybersecurity’s latest complex challenges,” he added.
Deep Fake gathers steam
Meanwhile, “the idea of a trusted digital contact or source is hitting an all-time low as faking continues to grow. For the last few years, we have seen an increase in business email compromise (BEC), using stolen trusted credentials to gain access to systems. As the concept of faking continues to broaden into video, audio, and other digital formats, we are seeing faking move from simple spoofing into a complex web of lies that spans multiple platforms. We can only expect to see more complex, deeper fakes being created to trick users into doing exactly what the attacker wants.”
“For critical tasks, organisations have already started to put in place secondary controls to try and identify and stop fakes, be it BEC or other successful methods. Yet as this space expands we will need to look more broadly across both digital communications and processes as to how we validate to reach the degree of trust required, else we become sceptical and work on the basis we simply don’t trust – and thus limit the associated risks and impact. With the scope of faking looking to show little abatement, we can only expect more of the latter,” Day pointed out.
Growth of the Cloud
In Day’s opinion, perhaps, one of the most significant trends in the cybersecurity space will be the journey of the cloud-from ‘cloud first’ to ‘cloud appropriate’ to ‘hybrid and single cloud and now multi-cloud. “What comes next in the cloud journey? The likely answer seems to be more specialist clouds. Why? Particularly across EMEA, it seems virtual boundaries for data are growing; many policy stakeholders encourage ‘cloud first’ more and more, but adding the caveat that the data must stay in the country or region. This is driven by the ever-increasing focus on privacy.”
“Cloud agility of on-demand compute will continue to provide complexity for security. Decisions will need to be made on what is taken as a service, what is done in-house, and most critically, how to do that consistently as cloud services become more specialized,” he said.
5G-a game changer
Nothing has, perhaps revolutionized the regional landscape as much as 5G. When it does go live, the delays in rollout will simply mean that the CSO and the security team will have more things to grapple with as the additional time means more solutions are ready for market, and many will be desperate to gain quick returns to get their own profitability plans back on track. “Businesses should not put off 5G/IoT planning but instead use the additional time now to better define how they will identify the things in the wave when it happens, and what will be the right security process and capabilities to include. If we think having a shared model between cloud and business is complex in 2019, we must realize that 5G/IoT has the ability to create far more complex technology chains and associated responsibility models.”
Edge computing gathers pace
“Today, we are seeing the growth of edge computing, the ability to do that first-level data processing and aggregation before sending to the cloud – the logic being to reduce the latency, lag, and costs of data processing. Edge computing is still relatively in its infancy; the most common examples we all probably use are digital personal assistants, like Alexa or Cortana. We have already seen examples of how these processes can be compromised in a number of ways; new capabilities generate new opportunities for compromise, and where the opportunity is worth it, criminals will focus. Edge computing is an aggregation point, which, like the porridge, is just the right temperature for the adversary. As such, expect to see examples of it being tested by the adversary and security strategies mature quickly around this space,” Day observed.