September 21, 2018
2019 Security Planning Guide Pt 2
The Evolution & Future of Cyber Security
In Part 1 of the 2019 planning series, we discussed the evolution of technology and how it has driven cyber attacks. Now we will look at how cyber security defenses have evolved to respond to each threat, where they are headed, and what that means for your current and future security strategy.
The Evolution of Cyber Security Defenses
In response to the attacks of the 80s and 90s, the core preventive cyber security solutions were created. These included firewalls, email security, web security and 2-factor authentication.
In the 2000s, several new cyber security solutions were created such as UTM firewalls, enhanced WiFi security and endpoint security designed to protect against phishing, email attachments and malicious website links. Also created were data protection solutions such as Data Loss Prevention (DLP) and data encryption. The first security attack detection tools were added in the form of Intrusion Detection and Intrusion Prevention Solutions (IDS/IPS).
In the 2010s, a host of new cyber security defenses were created to deal with the plethora of new threats such as zero-day attacks, ransomware, CEO fraud, advanced persistent threats, spear phishing and software supply chain attacks. The growth in attacks can be attributed to crimeware tool kits that make attacks easy and cheap to initiate, as well as the sheer number of users on the internet who can be easily attacked. Small businesses are especially vulnerable, and new attacks can reach small businesses economically.
The solutions created to address the new threats are in multiple categories:
- Detection & Monitoring: These solutions acknowledge that not all attacks can be prevented, so monitoring and detection are required to raise an alert when an attack occurs.
  - SIEM – Security Information and Event Monitoring of all security logs. Other threat detection solutions have been added over time.
  - Network Monitoring – A new breed of artificial intelligence and machine learning (AI/ML) cyber security defense that looks for anomalous network traffic that is indicative of an attack.
  - Advanced Persistent Threats – Multiple solutions created to detect and correlate threat information from email, networks, endpoints and the gateway looking for a multi-stage attack.
- Cloud Application & Data Center Security – Cloud security solutions that attempt to secure your data as it is moved to the cloud.
  - CASBs – Cloud Access Security Brokers, and lite versions of CASB in firewalls, attempt to provide visibility and control for applications that are deployed from the cloud. Both sanctioned (approved) and unsanctioned applications need to be controlled and monitored.
  - Cloud Data Center Security – Public and private data center firewalls, anti-malware and endpoint solutions have been created to extend data center security to the cloud.
- Email Security – Has been extended to protect against phishing, spear phishing, CEO fraud and spoofing. Email is still one of the top attack vectors.
- Advanced Malware Solutions: Advanced malware defenses, including AI/ML, that protect against zero-day attacks and ransomware have been added to endpoint and firewall solutions.
- Automatic Response and Forensics: The ability to prevent or automatically respond to and repair ransomware encryption and to provide forensic capability after the attack is now beginning to be built into new products.
The Future of Cyber Security
The Future of IT Technology
The short-term future of IT technology will include the continued move toward “everything wireless” as WiFi, internet and cellular speeds all go over 1 Gbps. That, plus ongoing advancements in smartphones, mobile devices and IoT devices, creates an enormous target for cyber criminals. As everything gets done over overlapping wireless networks from mobile devices that connect to data in the cloud, the task of protecting data continues to get more difficult. The growth of big data increases the attack footprint as well.
The use of blockchain technology to solve privacy problems and provide more efficient transactions will create vulnerabilities in those ecosystems. While blockchain data structures may be secure, the surrounding ecosyst