We spoke with 25 IT security executives and asked them what they saw as the future of security and where the greatest opportunities lie. Here's what they told us:
- AI solutions are like war games with more attacks. Malware is watching SMTP activity and automating into spyware for better spear phishing. We will have robots hacking and counter-hacking.
- Threat monitoring and detection. More AI around advanced phishing attacks. I trust Google and what they are building. I trust the infrastructure of AWS but these large players need to include threat monitoring in their product offerings.
- AI, machine learning, and deep learning are all enabling improvements. And it’s necessary since we’re seeing 40% more data every year. We have more sophisticated ways to monitor. Ensure security is part of DevOps and is codified into risk engineering.
- AI and machine learning devices with sensors are all over the world. Tesla makes autonomous automobiles and can make software updates over the air. If something is attached to the internet, it can be hacked. What is the possibility of malware getting all Teslas to turn left at the same time? It is not getting any easier with the scope and scale at the edge with end-point devices. More security is a fulcrum that balances privacy and safety so people will take security more seriously.
- AI and machine learning to detect anomalies in logins, movement within the network, export of files.
- 1) Achieve a single approach that applies to form factors and lines of business. Scale and automate security the same way you do with an application. It should be transparent to what developers are trying to do. 2) Security can become an enabler for enterprise agility. Address threats from attackers in fundamentally different ways to stop them earlier in the penetration lifecycle and remediate the issue. 3) Enable business to respond faster to threats. With the speed and ephemeral nature of containers, security can’t keep up. Use machine learning to detect threats and intrusions sooner. Address issues in real-time. This cannot be done with traditional methods.
- Automation to handle high volume, low complexity while increasing the capability to automate more using AI to learn from decisions without human intervention.
- Automation with visibility. Tooling files to detect fixes before the code gets to production. Security needs to become an aspect of code quality. I came to security from the infrastructure side. There are some problems with misaligned goals. Features versus quality. People putting bridge builders in the right places. DevOps needs to become DevSecOps.
- As we move into Platform-as-a-Service and Internet-as-a-Service, know that AWS, Azure, and Google are more worried, and knowledgeable, about security than anyone else. Take advantage of infrastructure SaaS with more automation and managed processes. Use the available tools to scan code and buffer overflows. Put pressure on your vendors to provide proof of secure software. Tools will become more discriminating and have fewer false positives.
- The biggest opportunity is to get as close as possible to running code. Programming languages are becoming, ultimately, more secure. Frameworks will prevent vulnerabilities. Test code as soon as it is written in the IDE. We have spell checkers and grammar checkers; soon we’ll have security checkers. Environments (i.e., mobile and cloud) are becoming more secure in their architecture.
- The cloud will continue to provide more opportunities and challenges. There will be more devices with more virtual access. With IoT, everything is connected to the cloud. My one-year-old Ford pickup is connected to GPS and Wi-Fi and provides vehicle diagnostic reports to me and the dealer. Cloud security vendors need to be more embedded in the cloud and cloud devices. A lot of infrastructures are using traditional hardware due to the fear of putting data in the cloud. The future is the cloud and the tools cloud vendors provide.
- 1) Minimize the number of false positives which waste developer time. If there are fewer false positives, developers will trust the security tools more. 2) Provide more insights on solutions rather than just sharing vulnerabilities, virtual patches, and solutions information to the management team in a more usable way. Help others within the organization, developers, management, and administration, benefit from security.
- Privacy will be a bigger concern. We consume a lot of free services and give up a lot of privacy (e.g., Google Maps, Yelp, and Uber). With IoT devices, all the data is captured, saved, and stored in the cloud. This will become more important with healthcare.
- Better standards and practices. Regulation and legislation to mandate security standards. We are working on protecting devices already on the network. We’re looking at patching binaries remotely. What happens when IoT devices need patches and the manufacturer is no longer in business? We are determining how to patch firmware of the network at scale.
- In-network threat detection. It works, it’s accurate, and it’s efficient. Peer-to-peer references are driving adoption.
- The simplest things seem to be the hardest to implement consistently. Focus on the weakest link – the users or the system without a patch. Visibility is critical, as are reaction time and response capability. Mid-market, small and medium-size businesses cannot possibly maintain a secure web or application presence. We need a resurgence of MSSPs (managed-security service providers) doing security right – Threat Hunting as a Service. We are 220,000 security professionals short. It’ll be one million in three years. We need to enable service providers to do more.
- We need more innovation with new and different solutions. DevOps evolved from manufacturing. AppSec needs to embrace industries outside our echo chamber.
- Real-time monitoring of events across all platforms.
- With an application network, security teams have many options for controlling who has access to particular systems, what information they have access to and what authentication is required to get in, among several other options. With an application network, these doors are built into an organization’s integration fabric, making it more secure. This is especially important as more and more businesses join new value chains by unbundling their core services and recomposing them into higher forms of business value used by partners and third parties. Security is no longer something that can be thought of as “just within” the company but needs to be thought of “throughout” the value creation chain and broader business environment.
What’s the future for security from your point of view - where do the greatest opportunities lie?
Following are the executives that shared their perspectives on this question:
- Kevin Fealey, Principal Consultant and Practice Lead Automation and Integration Services, Aspect Security
- Carolyn Crandall, CMO and Joseph Salazar, Technical Marketing Engineer, Attivo
- Amit Ashbel, Director of Product Marketing and Cybersecurity Evangelist, Checkmarx
- Ash Wilson, Strategic Engineering Specialist, CloudPassage
- Paul Kraus, CEO, Eastwind Networks
- Anders Wallgren, CTO, Electric Cloud
- Alexander Polyakov, CTO, ERPScan
- Patrick Dennis, President and CEO, Guidance Software, Inc.
- Craig Lurey, CTO, Keeper Security
- Boaz Shunami, CEO, Komodo Consulting
- Eric Tranle, Global CMO and Darrin Bogue, Senior Solutions Engineer, LogTrust
- David Waugh, V.P. Sales, ManagedMethods
- Mat Keep, Director of Product Marketing and Analysis, MongoDB
- Aaron Landgraf, Senior Product Marketing Manager and Kevin Paige, Head of Security, MuleSoft
- Fred Wilmot, CEO, PacketSled
- Gary Miliefsky, CEO, Snoopwall
- Wei Lien Dang, V.P. of Product, StackRox
- Cody Cornell, Co-founder and CEO, Swimlane
- Terry Dunlap, Founder and CEO, Tactical Network Solutions
- Chris Wysopal, Co-Founder and CTO, Veracode
- Yitzhak Vager, V.P. Cyber Product Management and Business Development, Verint
- Prabath Siriwardena, Director of Security Architecture, WSO2