Security 2018 Surprises and 2019 Predictions (Part 2)
As more organizations move to the cloud, look for vulnerabilities to be exploited.
Given the speed with which technology is evolving, we thought it would be interesting to ask IT executives to share their thoughts on the biggest surprises in 2018 and their predictions for 2019. Here's more of what they told us about security:
- AI, a re-brand of machine learning, saw lots of marketing momentum in 2018; but it delivered little to no pragmatic value. And there won’t be much progress towards legitimate AI in the cybersecurity industry in 2019.
- In the same way that organizations are migrating their productivity solutions to the cloud (e.g., Office 365 and G Suite), they are also moving their security products there, too. The agility and extensibility benefits are proving a strong incentive to make the switch. Identity, DLP, AV, device management: it’s all cloud-powered moving forward.
- Brute force attacks are as prominent as ever; password spraying attacks, in particular, continue to surge.
- Regulatory scrutiny is real, and it has teeth! Privacy requirements and breach notification regs come with increasingly severe penalties.
- Breaches are on everyone's mind; security readiness has truly become a board-level conversation.
- Passwords will continue to be replaced by alternative technologies and signals, including biometrics, usage analytics, and device recognition.
- The rate of switching from on-premises to cloud-based security solutions will increase exponentially.
- Attackers go where the money goes; they are eyeing cloud solutions knowing that many organizations haven’t deployed sufficient controls.
- Machine-learning techniques will show signs of maturity for both predictive models and response automation.
In 2018, we saw a resurgence of Chinese cyber espionage coupled with a surge in destructive attacks. Our latest Incident Response Threat report depicted a widespread adoption of C2 on sleep cycles and a high prevalence of attack victims experiencing island hopping and counter incident response.
In 2019, I’m predicting we’ll see more instances of island hopping, particularly via public cloud infrastructure. We’ll also continue to see a wave of destructive attacks as geopolitical tension continues to manifest itself in cyberspace.
In 2019, we’ll continue to see attackers attempt to counter detection in the form of Vapor worms and IoT worms. For my semi-bold 2019 prediction, I’m saying that steganography makes a comeback.
While network security concerns are touted as one of the biggest challenges for industries to adopt IoT en masse, we saw even greater challenges this year regarding device security. Federal agencies like NIST have taken notice.
We will see more states draft and pass laws to regulate the security of connected devices, similar to California's Senate Bill 237. As connected device manufacturers are pushed to achieve higher security standards, industrial and consumer markets will expect similarly grand security advances from IoT software providers.
Not all surprises are bad. Some, like the embrace of Zero Trust, are encouraging signs that cyber hygiene is (at last) being enthroned to its rightful place as our most effective measure of a strong security posture. In 2018, I saw an astonishing level of acceptance for the Zero-Trust security model. Historically, this concept has been the preserve of academic reflection and sterile idealism, detailing how IT environments must enforce continuous authentication between people, data, workloads, networks, and devices.
But over the past 12 months, many organizations have wholeheartedly adopted the Zero-Trust mindset. It is yet another instance where we see a return to the fundamentals of cyber resilience, rather than passive security, which is always biased toward more tripwires, playbooks, and hypersensitive detection alarms.
The IT and Security Market
The Market Will Become a Big Melting Pot
There will be consolidation everywhere. Not only are VC/PE funds applying more scrutiny to kitschy startups, but their would-be customers are also sitting this one out. Finding problems around the margin and developing technology-enabled solutions for them will prevent a lot of early-stage companies from taking off. Then, even the companies with extraordinary value will get lost by folding into a general perception that these solutions aren’t worth the bet. So, forget the IPO. It takes time, provides shaky confidence, and offers no guarantee that you’ll satisfy early investors or get the cash injection you need. What should you do instead? Join forces with another company of a similar size and merge. Financial markets, not the objective merit of the tech, will drive consolidation.
Prevention/Cyber Hygiene Will Remain Priorities
We’ll continue to see the pendulum swing back to prevention as the most impactful thing security and IT teams can enforce. The focus on cyber hygiene will also keep increasing, with budget dollars flowing in that direction. The discipline of doing the small things right every time will be key for a robust security posture.
Anonymous Isn’t Going Away Anytime Soon
Data privacy concerns have reached a boil. Within western nations, we’ll continue to see a heightened focus on this issue and will likely see regulations spill out of Washington. This accelerated path to law (historically an impossible expectation) will come from an inert tech lobby. Tech leaders are encouraging a unified privacy standard with regulations to enforce it, which is much better than dealing with 50 different state laws. The U.S. will likely adopt a data privacy rule that looks like a modified HIPAA, as well as a framework of controls for everyone (with NIST as a probable candidate).
More Cyber Attacks Using Social Media
The hodge-podge of social media networks has disintegrated individual people into particles of data we call “personal information.” State-based cyber-warfare will likely continue its focus on direct heists and disabling services, while your run-of-the-mill cybercriminals will increase their activities using social media. After page scraping, account hacking and brute force attacks, cybercriminals will develop composite profiles that will fool the account authentication mechanisms of social media platforms.
The Rise in Data Manipulation
As insights-driven organizations continue to depend on data for decisions and progress, that data’s integrity will take center stage. Approximately 85 percent of cyber attacks are detected when the invader attempts to lift valuable information from the victim’s coffers. In 2019, cybercriminals will shift to manipulating data to corrupt its corporate performance, deceive shareholders and institutional investors, and rake in the cash.
In 2018, it was surprising to witness the apprehension around IoT and cloud technologies based on security concerns. Cybersecurity concerns are real, but by using expert cloud-based management platforms and software-defined perimeter technologies, they can be effectively addressed. There will always be devices that are compromised and vulnerabilities that are exposed, but just as we’ve built these technologies, we’ve also built the safety constructs to protect them. If we commit to tried-and-true security practices while adopting new approaches that leverage wireless, software-defined, cloud technologies, we don’t have to let our concerns unduly impact our progress.
In 2019, as the network security industry develops better detection and defense solutions, traditional fixed perimeter-based approaches to network security will evolve. More people and things are living outside these walls, and the walls built around data centers and branch offices are often penetrated from within by employees using unsecured personal devices and shadow IT deployments. The new WAN landscape next year will demand an elastic edge to extend protection beyond physical and static infrastructure for people, mobile and connected devices on the move.
The Meltdown vulnerability discovered at the beginning of 2018 was most surprising. During the last couple of years, the industry was less concerned about hardware; however, Meltdown brought it to the forefront and shaped 2018’s security discussion.
In 2019, we predict a shift from network security towards identity-based application security. The cloud causes traditional control planes to become obsolete. From firewalls and IPSs to host-based security tools, current technologies cannot be implemented in an effective and constructive manner. Application identities, in a similar process that user identity underwent in the last couple of years, will conquer the main stage.