Trustwave Blog

3 Technology Developments That Are Disrupting Cybersecurity

Considering how easily prevention-centered security can be defeated, your organization is hopefully turning more attention toward catching threats before they can cause serious harm.

For some businesses, that means making investments in advanced analytics that can take your threat analysis efforts beyond traditional correlation and monitoring tools like SIEM. And for others, albeit far fewer, that also means working in highly decentralized approaches to help flag and prevent data tampering.

Emerging tech can help companies reclaim surrendered ground snatched by the usual suspects: sophisticated threats, a widening attack surface, limited internal resources and the substandard nature of many of today's security products that are much too focused on passive defense.

Given that data breaches are more the rule than the exception, you must focus on detecting new threats faster. Here are three technologies that are already making their mark - and are poised to become even more intricately woven into your security program in the months and years to come.

1) Big Data Analytics

The concept of Big Data, a term used to describe the voluminous amounts of structured and unstructured data that permeate businesses like yours, has been around much longer than the others on this list. The information explosion didn't start yesterday, but only over the past decade or so has the amount of generated data become truly mind-boggling.

The bad news is that the more data that crosses through your organization, the more you have to protect. The good news is that this stockpile of bits and bytes can allow you to more quickly recognize security incidents and slow down data breaches. The biggest problem with Big Data is that it is a beast to handle, opening the door for further innovation, which is the perfect segue to…

2) Artificial Intelligence/Machine Learning

As in baseball, organizations require greater visibility into and control over their operations to improve their decision-making abilities and enable better outcomes. For a ball club, that might mean digging deeper into the data to help drive decisions around player personnel and in-game moves. For an IT and security department, it means relying on algorithms to predict threats, automate pattern recognition and optimize real-time decisions to block attacks in an increasingly "noisy" world.

Although AI and machine learning are often lumped together, they have distinct purposes. And you should be more concerned, at least right now, with the latter than with the former. AI is more broadly defined as a branch of computer science concerned with building intelligent machines that can essentially function with artificial intuition - a notion that is decidedly more futuristic than machine learning, a data analysis method empowered by Big Data that businesses are already putting to practical use in security applications.

Machine learning is basically a subset of AI that allows machines to behave intelligently without being explicitly programmed, and to perform better with experience. Aside from its threat detection applications - such as can be seen within our Advanced Security Operations Centers - machine learning is additionally helpful in a cybersecurity context because it can help compensate for the ongoing human talent shortage.

3) Blockchain

With all the hoopla surrounding Bitcoin - and its dramatic price swings (and most recently, surges) - it may be easy to overlook blockchain, which is the digital currency's underlying technology system that records and verifies transactions. Acting as a decentralized electronic ledger for all transactions, the blockchain also has real security applications that businesses and government agencies are already using. Blockchain-based security technologies offer encouraging signs in areas like identity management and authentication (to prevent fraud), breach protection against attackers trying to hide their footprints, DDoS attack mitigation, and data integrity in applications like the Internet of Things. With this promise, though, comes risk, as the blockchain requires protection of its own.

What Does This Mean to You?

These technologies are ideal candidates to revolutionize the way you think about and approach cybersecurity. Of course, with hype like that, the buzzword bonanza is underway, and security vendors already have begun flocking toward the market opportunities.

Bear in mind that many of these initiatives - especially blockchain - are still in their infancy, which is why you should remain skeptical of current market claims. It would be foolhardy if you didn't first determine whether your organization can extract real value from these technologies. You can do this by evaluating what your challenges are and whether (and how) emerging tech may help solve them.

You may ultimately learn that instead of adopting such a solution yourself, only to jettison it later due to deployment complexity and internal resource shortages, a better alternative could be to partner with an expert that can manage the process for you and offer something bespoke that works for your business's needs.

Dan Kaplan is manager of online content at Trustwave.