As Trustwave celebrates its 25th anniversary, we’ve spent some time looking back at the history of the industry. We also wanted to look ahead, to talk about what that the next few years are likely to bring, how threats are likely to evolve, and how organizations will need to respond. To do that, we interviewed Mark Whitehead, Global Vice President, Trustwave SpiderLabs Consulting. Find the full interview below.
Q: What do you think is the future of cybersecurity?
Mark: Right now, we’ve seen a lot of improvement in terms of security being incorporated into normal product offerings. Especially in the last 5 years, the integration and offering of security as part of a normal package has really changed the landscape. If you look at cloud providers, such as Microsoft or Google, they have really baked in a lot of security at a very high level that was traditionally only available from third party solutions. That means that there will be many things that can be automated.
With that, though, it has become very tough for CISOs, organizations and consumers to know all the different spots that they have security, and to have it all converge together in non-disparate vantage points. So, in the near future, I think you’re going to continue to see trends towards consolidation – to try to make the information obtainable in consumable metrics that don’t force you to dig as deep into the weeds to understand your risk.
The balancing act of that – as we’ve seen in technology as it centralizes – is that you hope it doesn’t go too far into a monopolistic territory, where only the few can truly excel at it. That would be unfortunate, because a lot of the innovation that takes place will always be at the small and medium sized organizations that tend to force change at the larger providers.
Q: What emerging technologies do you think will be most significant?
Mark: Let’s start with machine learning: from what I’ve seen, it’s catching up, but will still need continued investment. Right now, most of what I see is just better automation with a little bit of predictive reasoning, so we still have a lot of opportunity there.
For artificial intelligence (AI), 25 years from now you’ll see that it will become a lot more commercialized, so that it can predict the behavior that it needs to. If a big company, like Tesla for example, invests a huge amount into AI, they’ll be able to move the needle – and a byproduct of those advancements will help in related ways, like in cybersecurity. But right now, organizations are still struggling with basic things, like keeping databases secure, protecting cloud instances, implementing strong password protocols. We’ve been hearing for 10 years that AI is going to fix that – and it hasn’t.
Blockchaining has some characteristics which, if applied correctly, are very impactful to the future of cybersecurity. This will take place more inside of products and security products. Nonrepudiation of data is a cornerstone of cybersecurity. This really could take digital signatures, identification authentication, and time stamping to a newer level. This would make accessing and modifications to data a lot more challenging for attackers and help more organizations secure their data whether it’s voice, documents, or logs. The other technologies are obviously cloud, which has been and will continue to be huge. The internet of things (IoT) is literally changing the form factor for cybersecurity: the traditional boundaries of a network simply don’t exist anymore.
Quantum is also a technology we will see more prevalent in next 25 years. It will have many benefits. Whether it relates to quantum computing or quantum cryptography, it will drive inventions, scientific discoveries, and things not possible in the current computing world. It will also challenge decades of industry encryption advice while also introducing new security features. How these systems are developed and made commercially available will dictate how defenders and attackers leverage this new technology.
But the most immediate impact in the next few years, as service providers, will be that we get much better at automating the really important things for organizations. The near future of cybersecurity will really revolve around taking a data centric approach toward understanding where your data really is. It’s not going to look like a traditional office infrastructure anymore – there’s a lot more blending between things that used to be regarded as personal and what’s now regarded as business – and the importance of data will just continue to grow every single year.
Q: How will cybersecurity threats continue to evolve?
Mark: As new technologies come on board, hackers are very opportunistic – and they will always search for the path of least resistance. If they don’t have to do something highly complex, they won’t. They almost always look for the lowest hanging fruit.
For example, as more and more IoT comes online, they’ll look to adopt techniques that worked previously to the new IoT devices. In the cloud, they’ll search for misconfigurations just like they used to on desktop devices. Phishing will continue to be a huge threat.
So, the location and form factors might change, but not necessarily the modus operandi of the attackers. Criminals will continue to target organizations for financial gain – so the threat landscape really won’t change all that much.
I will add that ransomware is turning out to be very powerful, and it’s changing the way many organizations need to look at their whole program. We’ve seen attackers actually destroy data after they take it via ransomware– meaning organizational risk tolerance for that kind of threat needs to be extremely low.
For the far future, say 25 years from now, there will still be the cat and mouse game between attackers and defenders. Even as the form factors evolve, and new players emerge, our focus will still be the same. I think there will be some big powerhouse companies that emerge to help protect data – and along with that, there will be new government regulations. Internationally, will the Internet continue to be global, or will it silo down into regional enclaves? It will be interesting to see.
Q: Do you think the skills shortage will or can be solved?
Mark: I’m an optimist. When you’re looking at the skills shortage, you’re actually looking at two things. The first is, can I throw more bodies at the problem? The second is, how do I automate more of what I need to do. When I look at the cybersecurity landscape, our ability to automate is improving, so that helps move the needle, just as much as finding the right people. Automation will help solve the easy problems, allowing your smart people to focus on the big ones.
At the same time, we still need to help develop and nurture the right people – and as we are becoming more of a global community, we’re able to find talent from all over the world. The combination of those two things will help fill the gap.
The most successful businesses will increasingly focus on what they’re good at, for example building cars, and not on creating world class security teams, which is expensive and not always achievable. So, as they migrate toward using managed security solutions, and not in trying to recruit the top cybersecurity talent, that will help fix the gap as well.
Learn more about the 25-year history of Trustwave and how we have become a global leader in threat detection and response.