Connect with our team of offensive security, AI security and pen testing experts at Black Hat Europe 2023. Learn More

Connect with our team of offensive security, AI security and pen testing experts at Black Hat Europe 2023. Learn More

Managed Detection & Response

Eradicate cyberthreats with world-class intel and expertise

Managed Security Services

Expand your team’s capabilities and strengthen your security posture

Consulting & Professional Services

Tap into our global team of tenured cybersecurity specialists

Penetration Testing

Subscription- or project-based testing, delivered by global experts

Database Security

Get ahead of database risk, protect data and exceed compliance requirements

Email Security & Management

Catch email threats others miss with layered security & maximum control

Co-Managed SOC (SIEM)

Eliminate alert fatigue, focus your SecOps team, stop threats fast, and reduce cyber risk

Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
The Trustwave Approach
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Platform
SpiderLabs Fusion Center
Security Operations Centers
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

Experts Q&A: A 2018 Review of Cybersecurity and Guidance of Where You Go from Here

Humans inherently are drawn to predictions because, deep down, we want to believe we have some control over our fate. The reality, though, is that prognostications remain a slippery slope, especially within the information security industry.

Many times, if they’re not overtly obvious or rooted in wishful thinking, they’re pie-in-the-sky. But the real problem is that instead of trying to forecast the next big threat to impact organizations, how large the skills gap will grow or whether security spending will increase or decrease, we should take care of the real problems that sit in front of us, like, right now, at this moment. And if you’re going to worry about the future, then work to create a nimble and flexible program that can adapt as the attack landscape evolves.

So, to take a marginally different slant on this whole end-of-year ritual, we decided to ask four Trustwave SpiderLabs experts to assess the year that was and evaluate whether security professionals are in a better or worse place than they were when it began. We will contractually close with our experts peering into the future and offering their most sensible – sensibility being key – projection of what 2019 will bring, which, as you’ll see, really speaks to that need to get the fundamentals in order before you can fret over any forthcoming calamity. Of course, that didn’t stop one of our researchers to paint a dystopian nightmare that may or may not involve you reluctantly running the local cat club.

Let’s get started.

It’s time to put a bow on 2018. How would you describe the cybersecurity developments of the past 12 months? 

Anat Davidi, senior security research manager: I think that from a technical perspective, it’s been a fairly non-chaotic year, at least relative to the perpetual chaos of the cybersecurity industry. It feels to me like this year a lot more happened on the law and regulation front than the technical front, which is important, but less interesting for me as a techie to talk about. Then again, the year started with the Spectre and Meltdown debacle, so maybe everything else just felt smaller in comparison.

Ed Williams, EMEA director: If I were to grade 2018, it would get a C+. Some good work, but lots of room for improvement. Perennial basic issues remain, but we can overcome these issues with hard work and concentration.

Shawn Kanady, managing consultant – DFIR: 2018 was certainly the year of endpoint detection and response (EDR). There are so many companies now trying to get in that space and developing with a fury. The EDR war plays out on Twitter and at security conferences reminiscent of the old anti-virus company wars.

Mark Whitehead, Americas director: They are ever changing, however, not unique. The same fundamentals apply year in and year out. It is how organizations adapt to the changing landscape and execute on those fundamentals that separate the winners from the losers.

Are we in better or worse shape heading into the new year?

Shawn: In my opinion, we are no worse or better than we ever were. The security tools are getting better, but with the amount to choose from it makes it harder for companies to understand what they really need. Security 101 is still a big problem and fixing those issues often comes free.

Mark: In general, I would say most organizations we consult with are in better shape. However, for most organizations, it takes one external event they cannot control that can change their posture almost instantaneously. That said, they are best served focusing on what they can control.

Anat: That’s always such a black-and-white question. We’re better in some ways and worse in others. We learn how to better secure some existing technology and invent three new technologies with a whole new set of security problems to solve which will probably become 2019’s problem. I always worry that we’re not training enough security professionals and not standardizing/enforcing best practices fast enough to keep up with it all, but for now it seems like we’re hanging in there.

Ed: I’d like to think we’re getting better as an industry and more mature. While this is true for certain areas, we still have a long way to go to get the basics of patching, passwords and policy done across the board at an enterprise level. If there was one area I could put extra focus on, it would have to be defense in depth, making sure there are multiple layers of defense for an organization – which, unfortunately, is easier said than done.

Please whip out the crystal ball for this one: When all is said and done, how will we remember 2019?

Ed: Hopefully this year we finally got a hold of the basics and really make threat actors work for their hacking rights.

Shawn: At the end of 2017, I predicted that ransomware would be ditched for cryptojacking, and we have certainly seen a drop in the number of ransomware attacks and an uptick in cryptojacking. In 2019, I expect Internet of Things (IoT) devices to be the new playground for cryptojacking malware. IoT devices are too fast to market and have next to no security built in, bringing back 20-year-old vulnerabilities.

Mark: New ways to hack into organizations will be discovered, and organizations will be impacted by both new and old techniques. 2019 will be the year of trying to simplify our industry. It has become too complex and a burden on organizations to keep up with the various solutions, venders, threats, terminology, etc.

Anat: The year when your fridge mysteriously ordered 1,337 cartons of milk so you had to live on cereal and pudding for a month and all the neighborhood cats moved in with you.

Should have seen that one coming.

Dan Kaplan is manager of online content at Trustwave and a former IT security reporter and editor.

Latest Trustwave Blogs

Trustwave’s Observations on the Recent Cyberattack on Aliquippa Water Treatment Plant

The attack last week on the Municipal Water Authority in Aliquippa, Penn., that gave threat actors access to a portion of the facility’s pumping equipment has spurred the Cybersecurity &...

Read More

How Trustwave Can Assist Tribal Governments Applying for $18 Million in DHS Cybersecurity Grants

Tribal governments are among the most underserved organizations in the US when it comes to cybersecurity preparation, with threat actors striking multiple tribes with a variety of cyberattacks.

Read More

Trustwave Backs New CISA, NCSC Artificial Intelligence Development Guidelines

The U.S. Department of Homeland Security's (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom's National Cyber Security Centre (NCSC) today jointly released...

Read More