
Experts Q&A: Revisiting 2019 Cybersecurity Predictions

Time flies, especially in the world of cybersecurity. We’re already mid-way through the year, and a tremendous amount of activity has occurred. Breaches, vulnerabilities, cyber attacks, and arrests… it’s been a mixed bag of digital movement that continues to keep us on our toes.

Now, back in December, we decided to reach out to some of the experts on the SpiderLabs team at Trustwave who provided us with their assessment of 2018. It may have started off with a bang due in part to the Spectre and Meltdown incidents, but activity eventually cooled down, and it was a “fairly non-chaotic” year as Trustwave SpiderLabs Senior Security Research Manager Anat Davidi said.

Rather than wait until the end of the year, we’ve decided to revisit the predictions made and connect with a couple of our experts who previously shared their take. Instead of just reviewing their previous forecasts, they’ve also looked ahead and shared what else the future could hold as far as the evolving security market’s concerned—that’s right, the vendor show floor at the RSA Conference could be getting smaller eventually.

Before you dive in, we suggest visiting the previous predictions, which were pretty spot on, apart from your fridge turning on you.

We’re midway through the year and the predictions made in December are pretty accurate. What stood out to you the most so far?

Mark Whitehead, Director of Americas: I think the whole team was pretty accurate on what they predicted, and we’ve seen a lot of it come true. I don’t think we were necessarily making earth-shattering predictions, we were just looking at the landscape and realizing that not too much changes six to nine, to twelve months out, so they were calculated predictions based on what we know and have seen. When you look at Shawn’s predictions regarding IoT and cryptojacking, there have definitely been some really great examples of that this year.

Based on what I predicted—the industry inching toward simplification—I think you’re starting to see a lot of that as well through some activities that you wouldn’t even consider “simplification” activities. We’re seeing a lot of mergers and acquisitions taking place where organizations such as ourselves are starting to realize that contract mechanisms are getting in the way of being able to protect, detect, and respond to breaches. Organizations being able to present themselves as “one-stop shops” is proving that simplification prediction to be true.

Ed Williams, EMEA director: The basics of patching, passwords, and policy are still a problem for our industry; CVE-2019-0708, which is a Remote Code Execution issue for RDP / MSTSC, is serious. Organizations who can’t patch in a timely manner and have poor processes leading to excessive external visibility are going to get caught out by this type of issue.

Anat Davidi, Senior Research Manager: Being a European, GDPR has been very noticeable for me. I’ve been pretty impressed with the fact that it’s been enforced quite well, and you see actual consequences for lack of compliance. I’ve also been impressed with the creativity of some platforms in regard to how cumbersome they manage to make an obligatory opt-out feature they clearly don’t want people to use.

What technology’s proving to present the biggest challenges for businesses?

Mark: We have seen some focus on threats surrounding IoT. That specifically is getting more focus with 5G, so we talked about some of the newer technologies that we’re going to be playing catch-up on. And not just because of the 5G technology, but you’re also going to have to have some backward compatibility with those types of technologies. So, if we didn’t fix it now, it’s going to be harder to fix in future iterations.

Ed: With a rush to the cloud, organizations need to ensure that their security maturity is matched when they move to the cloud. All the large providers offer excellent security controls, but with the shared model of responsibility, some of this ‘responsibility’ is with the client, and I’m not convinced that all parties realize what ‘going to the cloud’ means in terms of exposure and potential security issues.

What should we be doing more of from a security standpoint?

Mark: Simplification. Organizations are beginning to bring together various functionalities so they’re not just a defense company that can’t test you. They can bring the offensive testing component, they can help you with compliance, they can help you defend against events that are happening. They should also be able to help you respond to threats.

I’m seeing this happening in the space right now. I see this as a positive trend because security leaders contract with thousands of organizations, and the contractual mechanism is a hurdle. By bringing all those services to bear for a business, that’s a very positive trend. It also brings more data into organizations, to help them better respond. It’s a trend that I’ve seen with the numerous acquisitions and partnerships in the space.

Ed: Reduce external visibility. Going back to RDP, there is never a requirement to have that service listening directly on the Internet, yet there are over five million of these services listening directly on the Internet. Reducing external visibility will go a long way to raising the bar and frustrating those bad guys.

Anat: Educating, always educating. Security is such a fast-moving field that it’s really hard for security leaders to stay on top of all the threats they need protection against. Add budget constraints to that list of challenges, in addition to a market full of everything from specialized products to all-in-one solutions that purport to do all but make you coffee. You need to be an expert just to figure out what you even need, let alone assess which tools will help solve your problems at the right price. Let’s just say I’m happy to be on this side of the security spectrum looking out.

As we head into the second half of the year, are you sticking with your original prediction or calling an audible?

Mark: We’ve seen some pretty significant breaches. Just being in this profession, I predict we’ll see more of those. I have seen some improvements, though, in acknowledging them and realizing you need to take action. If you look five to ten years ago, there weren’t a lot of plans in place when this stuff happened to an organization. But now you’re seeing businesses recognize it much quicker and they’re also not trying to hide the breadth of what the breach could have been. We’ll continue to see some simplification. As we continue down that path with a lot of the consolidation in the space, you’re going to see a lot of these offerings to organizations be simpler for them to consume.

Ed: 100 percent yes, it’s always about the basics!

Anat: I’m sticking to my original prediction all the way! But you won’t find me buying a smart fridge, so someone else will have to let me know if I got that one right at the end of the year.

Marcos Colón is the content marketing manager at Trustwave and a former IT security reporter and editor.
