Five cybersecurity executives discuss what each sees as the top trends affecting the industry in the coming year.
It’s fair to say that the cybersecurity industry has been in a constant state of flux since its inception. The severity, frequency and intensity of threats, as well as the strategies and tactics used by bad actors, have never stopped evolving.
The same can be said for the defensive postures of the cybersecurity industry. Significant advances that create more effective and comprehensive cyberdefenses revolutionize the industry with regularity. So what does the coming year hold? We asked five executives from our cybersecurity startups what they see as the top cybersecurity trend in 2020. Here’s what they had to say.
Convergence
Josh Lefkowitz, CEO and Co-founder, Flashpoint
The top cybersecurity trend of 2020 will be convergence. More specifically, we will see greater convergence of cybersecurity-related activities and objectives with other business functions, and vice versa. Since cyber threats don’t exist in a vacuum, cybersecurity teams shouldn’t operate in one. Many still do, but this has been changing rapidly in recent years as more organizations recognize that cybersecurity isn’t just a security issue – it’s a business issue.
One area of cybersecurity where convergence will be especially prominent is threat intelligence. Although threat intelligence programs have traditionally been siloed similar to their network defense, endpoint security, and incident response counterparts, more mature programs are broadening their scope. They’re focusing not only on detecting and blocking cyber threats, but also on understanding and mitigating the risks all threats and adversaries pose to the business. This emphasis on business risk goes hand-in-hand with convergence, which we’re increasingly seeing in the form of greater collaboration and integration of intelligence across business functions. For organizations that embrace this converged intelligence approach, the benefits are abundant: from increased efficiency, to better security, to reduced risk across the enterprise.
Flipping the asymmetry
Ofer Israeli, Founder & CEO, Illusive Networks
Even with all the solutions organizations already have in place to stop cyberattacks, there are still coverage holes. Attack systems have evolved to circumvent all the major systems for identifying and stopping those attacks. This doesn’t mean that the defense systems in place now are useless; you still need a lock on your front door even if most locks can be picked or a door can be knocked down. But the most sophisticated cyber-attackers can get around threat-based and perimeter-style solutions. You may keep out many adversaries, but it only takes one crafty hacker to get in and an organization has a problem on its hands. Defenders must be right every time, block every threat, and find and stop every attacker or they lose, while attackers only need to have one attack slip through the cracks to succeed. It is an imbalance that favors the bad guys.
We have reached the limits of the ‘Whack-a-Mole’ strategy of stopping each individual threat as it comes; it can’t scale and still lets too many unforeseen attacks through. This means organizations must figure out a way to flip the basic security asymmetry that undermines them. Defenders must look for strategies that poison attacker decision-making and tactics, and make the attackers worry about one false move to reveal their presence. Without flipping this asymmetry, there is always the risk that one wily attacker will get through and cause untold damage through a breach.
Cyber threat intelligence to detect and respond
Jonathan Couch, SVP of Strategy, ThreatQuotient
That is a very broad question. From a vendor perspective, there is a lot of movement and interest in SOAR, Machine Learning (ML), and Artificial Intelligence (AI). For the record, I include “data sciences” and “big data analysis” as part of ML and AI. I believe that these will remain the buzz phrases for the next few years and most current and new technologies will try to show how they are part of the ecosystem that is leveraging these capabilities. There’s also a trend for cloud-based security infrastructure (mostly private cloud, though) and EDR (endpoint security) and MDR (managed defense). These markets are growing fast and many organizations are looking at projects in these spaces.
The one common thread I see in all of these, however, is the threat: the security vendor industry is responding to how threats are operating and how security operations groups can better address the threats. Cyber Threat Intelligence will continue to be the common thread in all these products: what are you looking to prevent and detect with EDR, MDR, ML, AI, and SOAR? Once you detect it, how do you respond in a way that ensures you understand the scope of the threat as well as previous attempts they may have made to gain access to your network?
I think one of the bigger trends in 2020 may be the application of threat intelligence to technology that will assist you in detecting the tactics, techniques, and procedures of the threat: the behaviors they have inside and outside your network. The MITRE ATT&CK framework is a major step in this direction and almost every organization I work with and talk to is asking for help to apply the framework to their security operations.
Solving age-old puzzles
Neil Costigan, CEO, BehavioSec
Probably a continuation of what we’re already seeing, like increased privacy legislation, skills shortage, increased automation from both attackers and defenders, and much more sensitive data to safeguard, fueled by the growth of 5G.
It’s easy to get entangled in the new buzzwords for the year but at the end of the day, we’re still trying to solve the same problems: privacy concerns, skill shortage, more information to secure, increased data flows, all while decreasing costs and combating threat actors.
Security visibility
Charaka Goonatilake, CTO, Panaseer
Security Visibility is going to be a major theme heading into 2020. Complete, accurate and continuously up-to-date visibility into the state of security within an organization is a vital underpinning for a successful security program in today's world.
Firstly, CISOs are faced with a technology landscape that's rapidly increasing in complexity with the ever-growing sprawl of IT infrastructure across on-premises data centers, hybrid environments, multi-cloud, mobile and IoT. Visibility into these diverse and disparate assets is essential to establish a complete picture of cybersecurity risks facing the organization and to adopt a risk-based prioritization of where to deploy the limited security budgets for maximum ROI.
Secondly, security leaders are also having to deal with the increasing scrutiny from a tightening regulatory landscape, where regulators are starting to apply substantial fines for data breaches. For example, the Information Commissioner’s Office in the UK has levied fines of £183M and £99M on British Airways and Marriott, respectively, under the recent GDPR regulations, and a number of similar pieces of data security and privacy legislation are being imposed across US federal (e.g. CCPA and NY SHIELD Act) and global (e.g. MAS Cyber Hygiene Notices in Singapore) jurisdictions. While security can never be guaranteed, organizations must be able to demonstrate that reasonable efforts and due care have been taken to identify, prioritize and implement mitigations against cybersecurity risks.
Automated, data-driven approaches will become increasingly popular as the only viable method to provide the facts that establish visibility and allow continuous monitoring of the assets at risk, as well as the deployment and effectiveness of security controls that are addressing these risks.
In an industry as dynamic and diverse as cybersecurity, finding consensus on what the top trends will be for the coming year is difficult to achieve: IT vs OT convergence, cloud-based security structures, MITRE ATT&CK, privacy legislation, the increasing amount of data to secure, and more. All of these trends are significant and worth your time to research. The trick will be to see how these top trends affect your organization now and well beyond 2020.