Virtualization Technology News and Information
Article
RSS
enSilo 2019 Predictions: Cyber in 2019 - A Perfect Storm, a Silver Lining

Industry executives and experts share their predictions for 2019.  Read them in this 11th annual VMblog.com series exclusive.

Contributed by Roy Katmor, CEO, enSilo

Cyber in 2019 - A Perfect Storm, a Silver Lining

Cyber threats aren't slowing down. We see 2019 as a year where three significant industry trends will converge to create a "perfect storm" of cyber risk that will further tax already-stretched security operations teams.

1.  The security talent crunch will force a shift in priorities and practices. The increasing lack of highly skilled cyber talent, estimated at up to 1.8 million unfilled jobs worldwide by 2022, will force security analysts in 2019 to focus more on strategic analysis and automated processes implementation, to strengthen protective policies, and to invest more time educating and guiding the non-technology manager and executive ranks.

2.  Enterprises will feel the challenges of using traditional security and SOC practices for securing data and endpoints in the cloud.  While cloud computing drives huge economic growth and business benefits, those utilizing cloud services, and that's almost everyone these days, are trading flexibility, scalability and speed for visibility and control. The lack of visibility into security for cloud-based servers and virtualized end-points, especially given intervening software layers, sets the stage for a major reckoning, as we see attacks on cloud environments increasing in 2019. There will be more data and documents in the cloud to attack; attacks will be easier; and attackers will therefore enjoy a higher degree of success. Look for greater emphasis on how both providers and customers need to support true protection in the cloud.

3.  Cyber-attacks impacting the Internet of Things will grow exponentially, exceeding enterprises' ability to manage associated forensics and threat-hunting. More businesses employing more IOT devices greatly expand the cyber-attack surface. Attack potency will also increase; many IoT devices don't contain end point security agents, yet often connect to network infrastructure. We believe in 2019 this vulnerability will be used to cause damage inside businesses as well as to leak business and consumer data.

This explosion of data in the cloud, the massive increase in IoT attack surface, and the growing security talent shortage, will bring a perfect storm of successful cyber events in 2019. Unfortunately, the systems, tools and experts we've long been directing at these problems are falling short in scaling, managing and mitigating these pain points in a timely manner.  

For example, the Ponemon Institute's 2018 Cost of a Data Breach Study found the mean time to identify a breach in 2017 was 197 days! That represented a year-over-year improvement of just six days. The mean time to contain was 69 days, only a 3 day year-over-year improvement. This challenging situation can be attributed in large part to attackers' use of advancing artificial intelligence and machine learning that increase stealth, accelerate attack speed, improve attack techniques (like file-less malware) and help evade detection.

All is not hopeless. While this perfect storm is brewing, CISOs and security operations teams can gain the upper hand by in turn applying security automation and orchestration for prevention, detection, incident response and remediation of a majority of incidents.

The artificial intelligence and machine learning driving these powerful tools can provide instant insights and recommendations that will circumvent or minimize many attacks. That will free security experts, too often called upon to fill the role of both General and front line, to focus their talents and expertise where they can have the greatest impact-such as managing high severity events or finding elusive "needle in haystack" intrusions. These professionals will come to rely on automation and orchestration as force multipliers that automatically prevent or remediate persistent attacks, while helping them solve high priority, opportunistic incidents that require manual forensic capabilities.

We believe the ongoing cyber battle will escalate in 2019, as adversaries continue brute-forcing their way in through increasing attacks against increasing surfaces. As the perfect storm continually redirects security practitioners' focus across the urgency of the front line, expect to see increased adoption of security automation and orchestration as tools in the fight. The hard fact that there just aren't enough people to manually process the cascade of threat data won't leave that a choice.

##

About the Author

 

Roy is a 15-year seasoned product manager and security market strategist, combining strong technical knowledge with proven sales and marketing skills. Prior to enSilo, Roy led Akamai's security strategy. Before that, he managed Imperva's data security products and architecture management. Additionally, Roy held various product management and R&D leading roles at several international public and privately-held companies. Roy holds a BSc in Information Systems from the Technion, Israel Institute of Technology, and MBA in finance and business strategy from the Hebrew University. Roy is a DIY master, enjoying fixing anything from cars to home improvement.

Published Wednesday, December 12, 2018 7:41 AM by David Marshall
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<December 2018>
SuMoTuWeThFrSa
2526272829301
2345678
9101112131415
16171819202122
23242526272829
303112345