Virtualization Technology News and Information
Tufin 2019 Predictions: Lessons Not Learned, Automation Action and an IT Revolution

Industry executives and experts share their predictions for 2019.  Read them in this 11th annual series exclusive.

Contributed by Reuven Harrison, CTO and Co-Founder of Tufin

Lessons Not Learned, Automation Action and an IT Revolution

The New Year Brings Nothing New

2019 will be the "Year of Lessons Not Learned"; we'll see the same security issues and the maturity of technologies that already exist.

In 2018, many organizations undertook their first steps to container security - which translated to vulnerability scanning - getting more data and false positives than they know what to do with - and rendering security as a check box process. Vulnerable containers will still exist and remain accessible, and organizations can't act because they're inundated with so much data.

Regarding security in the cloud, history is likely to repeat itself, and as the move to the cloud continues, we'll inevitably see organizations spin up openly accessible servers and data in the cloud. This risk cannot be remediated with traditional security processes that are incompatible with DevOps CI/CD processes.

Last year, we also predicted that automation will reach the tipping point. This came true in the sense that organizations now understand they must adopt automation. What has slowed the process of full adoption is the cultural challenges. In 2019, we'll see an acceleration of automation across the industry. 

"Automation First" Must Happen

In 2019, we'll see more emphasis on security in cloud native organizations. Many are talking about it; this will be the year that they take action. To do this, there will be an emphasis on automation. There's no way that DevOps teams can get security into their environments without automation. To secure cloud-native environments, you must approach it from an automation-first perspective.

The Changing Face Of The Firewall 

In 2019, we will also see new cloud solutions providing security for the public cloud, coming from the traditional firewall vendors, following up on the recent acquisitions of public cloud security companies. This trend is twofold. First, it is a response to the increasing shift of enterprises towards the cloud and their need for security in these environments. Second, the firewall vendors are also realizing the potential of the cloud as a superior platform for software development and big-data analytics.

Next-gen firewalls will continue to evolve as well, as they continue to absorb the functionalities of traditional network security solutions to include capabilities such as URL filtering and other advanced security capabilities.

Kubernetes Will Become The New Data Center Operating System

The main factor behind the success of Kubernetes is how it simplifies and speeds up software development and deployment. For example, it enables "immutable infrastructure" which means that instead of deploying incremental changes to update your applications, you create a new version for every change - whether it's in the application code or in the infrastructure. This concept brings tremendous benefits to the way we develop, deploy and operate applications (and how we secure them).

Another advantage of the microservices architecture is its ability to parallelize development. By decoupling application functions using microservices, large complex development projects can be broken up into smaller, independent teams, speeding up overall development. In all respects, Kubernetes is driving an IT revolution.

Don't Speak Too Soon...Or At All

We will see an increase in breaches that use virtual assistants for privilege escalation or distribution of sensitive information. These attacks will manipulate people into inadvertently giving voice commands or playing audio on their computer, prompting a sequence of events that leads to information on company performance or to further gather network information to ease an attack.

Hacking The Hacker

In 2019, we'll start to see cyber turf wars, in which hacking groups attack each other to reap the bounty of their adversaries' resources. Previously established botnets mining cryptocurrency will be targeted over companies with financial data as the ease of exchange and redemption of this decentralized currency is much more readily accomplished.


About the Author


Reuven Harrison is CTO and Co-Founder of Tufin. He led all development efforts during the company's initial fast-paced growth period, and is focused on Tufin's product leadership. Reuven is responsible for the company's future vision, product innovation and market strategy. Under Reuven's leadership, Tufin's products have received numerous technology awards and wide industry recognition.

Reuven brings more than 20 years of software development experience, holding two key senior developer positions at Check Point Software, as well other key positions at Capsule Technologies and ECS. He received a Bachelor's degree in Mathematics and Philosophy from Tel Aviv University.

Published Monday, January 28, 2019 7:40 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<January 2019>