
Experts Q&A: A 2018 Review of Cybersecurity and Guidance of Where You Go from Here

Humans inherently are drawn to predictions because, deep down, we want to believe we have some control over our fate. The reality, though, is that prognostications remain a slippery slope, especially within the information security industry.

Many times, if they’re not overtly obvious or rooted in wishful thinking, they’re pie-in-the-sky. But the real problem is that instead of trying to forecast the next big threat to impact organizations, how large the skills gap will grow or whether security spending will increase or decrease, we should take care of the real problems that sit in front of us, like, right now, at this moment. And if you’re going to worry about the future, then work to create a nimble and flexible program that can adapt as the attack landscape evolves.

So, to take a marginally different slant on this whole end-of-year ritual, we decided to ask four Trustwave SpiderLabs experts to assess the year that was and evaluate whether security professionals are in a better or worse place than they were when it began. We will contractually close with our experts peering into the future and offering their most sensible – sensibility being key – projection of what 2019 will bring, which, as you’ll see, really speaks to that need to get the fundamentals in order before you can fret over any forthcoming calamity. Of course, that didn’t stop one of our researchers from painting a dystopian nightmare that may or may not involve you reluctantly running the local cat club.

Let’s get started.

It’s time to put a bow on 2018. How would you describe the cybersecurity developments of the past 12 months? 

Anat Davidi, senior security research manager: I think that from a technical perspective, it’s been a fairly non-chaotic year, at least relative to the perpetual chaos of the cybersecurity industry. It feels to me like this year a lot more happened on the law and regulation front than the technical front, which is important, but less interesting for me as a techie to talk about. Then again, the year started with the Spectre and Meltdown debacle, so maybe everything else just felt smaller in comparison.

Ed Williams, EMEA director: If I were to grade 2018, it would get a C+. Some good work, but lots of room for improvement. Perennial basic issues remain, but we can overcome these issues with hard work and concentration.

Shawn Kanady, managing consultant – DFIR: 2018 was certainly the year of endpoint detection and response (EDR). There are so many companies now trying to get in that space and developing with a fury. The EDR war plays out on Twitter and at security conferences reminiscent of the old anti-virus company wars.

Mark Whitehead, Americas director: They are ever changing, however, not unique. The same fundamentals apply year in and year out. It is how organizations adapt to the changing landscape and execute on those fundamentals that separate the winners from the losers.

Are we in better or worse shape heading into the new year?

Shawn: In my opinion, we are no worse or better than we ever were. The security tools are getting better, but with the amount to choose from it makes it harder for companies to understand what they really need. Security 101 is still a big problem and fixing those issues often comes free.

Mark: In general, I would say most organizations we consult with are in better shape. However, for most organizations, it takes one external event they cannot control that can change their posture almost instantaneously. That said, they are best served focusing on what they can control.

Anat: That’s always such a black-and-white question. We’re better in some ways and worse in others. We learn how to better secure some existing technology and invent three new technologies with a whole new set of security problems to solve which will probably become 2019’s problem. I always worry that we’re not training enough security professionals and not standardizing/enforcing best practices fast enough to keep up with it all, but for now it seems like we’re hanging in there.

Ed: I’d like to think we’re getting better as an industry and more mature. While this is true for certain areas, we still have a long way to go to get the basics of patching, passwords and policy done across the board at an enterprise level. If there was one area I could put extra focus on, it would have to be defense in depth, making sure there are multiple layers of defense for an organization – which, unfortunately, is easier said than done.

Please whip out the crystal ball for this one: When all is said and done, how will we remember 2019?

Ed: Hopefully this year we finally got a hold of the basics and really made threat actors work for their hacking rights.

Shawn: At the end of 2017, I predicted that ransomware would be ditched for cryptojacking, and we have certainly seen a drop in the number of ransomware attacks and an uptick in cryptojacking. In 2019, I expect Internet of Things (IoT) devices to be the new playground for cryptojacking malware. IoT devices are too fast to market and have next to no security built in, bringing back 20-year-old vulnerabilities.

Mark: New ways to hack into organizations will be discovered, and organizations will be impacted by both new and old techniques. 2019 will be the year of trying to simplify our industry. It has become too complex and a burden on organizations to keep up with the various solutions, vendors, threats, terminology, etc.

Anat: The year when your fridge mysteriously ordered 1,337 cartons of milk so you had to live on cereal and pudding for a month and all the neighborhood cats moved in with you.

Should have seen that one coming.

Dan Kaplan is manager of online content at Trustwave and a former IT security reporter and editor.
