2019 Security Planning Guide Pt 2: The Future of Security
The Evolution & Future of Cyber Security
In Part 1 of the 2019 planning series, we discussed the evolution of technology and how that has driven cyber attacks. Now we will look at the future of cyber security defenses and how they have evolved to respond to each threat and what that means for your current and future security strategy.
The Evolution of Cyber Security Defenses
In response to the attacks of the 80s and 90s, the core preventive cyber security solutions were created. These included firewalls, email security, Web security and 2-factor authentication.
In the 2000s, several new cyber security solutions were created such as UTM firewalls, enhanced WiFi security and endpoint security designed to protect against phishing, email attachments and malicious website links. Also created were data protection solutions such as Data Loss Prevention (DLP) and data encryption. The first security attack detection tools were added in the form of Intrusion Detection and Intrusion Prevention Solutions (IDS/IPS).
In the 2010s, a host of new cyber security defenses were created to deal with the plethora of new threats such as zero-day attacks, ransomware, CEO fraud, advanced persistent threats, spear phishing and software supply chain attacks. The growth in attacks can be attributed to crimeware tool kits that make attacks easy and cheap to initiate, as well as the sheer number of users on the internet who can be easily attacked. Small businesses are especially vulnerable, and new attacks can reach small businesses economically.
The solutions created to address the new threats are in multiple categories:
- Detection & Monitoring: These solutions acknowledge that not all attacks can be prevented and therefore monitoring and detection are required to alert when attacks are detected.
  - SIEM – Security Information and Event Monitoring of all security logs. Other threat detection solutions have been added over time.
  - Network Monitoring – A new breed of artificial intelligence and machine learning (AI/ML) cyber security defense that looks for anomalous network traffic that is indicative of an attack.
  - Advanced Persistent Threats – Multiple solutions created to detect and correlate threat information from email, networks, endpoints and the gateway looking for a multi-stage attack.
- Cloud Application & Data Center Security – Cloud security solutions that attempt to secure your data as it is moved to the cloud.
  - CASBs – Cloud Access Security Brokers, and lite versions of CASB in firewalls, attempt to provide visibility and control for applications that are deployed from the cloud. Both sanctioned (approved) and unsanctioned applications need to be controlled and monitored.
  - Cloud Data Center Security – Public and private data center firewalls, anti-malware and endpoint solutions have been created to extend data center security to the cloud.
- Email Security – Has been extended to protect against phishing, spear phishing, CEO fraud and spoofing. Email is still one of the top attack vectors.
- Advanced Malware Solutions: Advanced malware defenses, including AI/ML, that protect against zero-day attacks and ransomware have been added to endpoint and firewall solutions.
- Automatic Response and Forensics: The ability to prevent or automatically respond to and repair ransomware encryption and to provide forensic capability after the attack is now beginning to be built into new products.
The Future of Cyber Security
The Future of IT Technology
The short-term future of IT technology will include the continued move toward “everything wireless” as WiFi, internet and cellular speeds all go over 1 Gbps. That, plus ongoing advancements in smart phones, mobile devices and IoT devices, creates an enormous target for cyber criminals. As everything gets done over overlapping wireless networks from our mobile devices as they connect to data in the cloud, the task of protecting data continues to get more difficult. The growth of big data increases the attack footprint as well.
The use of blockchain technology to solve privacy problems and provide more efficient transactions will create vulnerabilities in those ecosystems. While blockchain data structures may be secure, the surrounding ecosystems are not.
The Future of Cyber Security Attacks
Future attacks will target large new vulnerabilities and major new attack surfaces. At the top of the list will be wireless network attacks. With everything moving to the cloud, we will see a significant increase in attacks on cloud applications and cloud data centers. Supply chains will be used as attack methods, leveraging users' trust relationships with 3rd party software vendors, none of which you can control. AI-driven attacks with real-time morphing attack methods will be used. Social engineering will continue to drive attacks as people put more and more data on social websites and smart phones.
The Future of Cyber Security Solutions
- Future cyber security defenses will need to defend against complex multi-stage attacks that are aided by AI/ML. To do this, Adaptive Ecosystem Defenses will need to be deployed. These solutions will need to deploy AI and incorporate integrated security intelligence, detection and response from multiple security solutions. This may require companies to standardize on product vendors that have a broad set of integrated solutions if standards for tight multi-vendor integrated solutions are not available. Many vendors are constructing broader integrated product lines, giving companies several choices on how they wish to obtain optimized security.
- Mobile device security will grow in importance since virtually everything can and will be done on smart or wearable devices.
- IoT security standards will be important; if they are not available, securing the wide variety of IoT devices will be difficult. Dedicated security just for IoT should be expected from product vendors.
- Blockchain-specific security will be necessary depending on the blockchain solution, but higher levels of traditional security around the blockchain ecosystem will be necessary to avoid the attacks that are already occurring on cryptocurrency food chains.
- AI-driven risk simulation tools should be available to provide better and more dynamic automated risk assessments in the future.
- Also, with the growth in wireless and mobile devices, extra access control will be necessary. Biometrics will not be enough. You will also need to use adaptive authentication to verify location, device, behavior, etc.
Takeaways for 2019 and The Future of Cyber Security Planning
- Choose security product partners that 1) have a growing list of integrated products, 2) target companies of your specific size with their solutions, and 3) have a vision that is in alignment with yours.
- Outsource for:
  - Risk Assessments – Best practices and regulation compliance
  - Higher level of security expertise
  - Managed Security – Offload your team by using experts in each security area.
- Fill the security gaps that you have been ignoring, such as 1) cloud applications and data centers, 2) mobile security, 3) access control, 4) employee training.
- Act like criminals are after your data and money. They are, and it is getting very cost-effective for them to attack you.
Contact Us – eSecurity Solutions can help you secure your business and ready your company for the California Consumer Privacy Act
- Assess your risks, prioritize your security gaps and define a compliance-level cyber security strategy
- Define an Adaptive Ecosystem security strategy
- Become regulation compliant
- Implement and Manage your security