The cyber threat landscape is constantly evolving, with different strains of malware attacking network systems every day. Organisations are losing the cyber war and, as a result, cyber security needs to evolve to combat the growing problem created by cyber attacks. This may take the form of security systems integrated with AI or simply stricter regulations so organisations will take the threat more seriously.
Over the next five years, cyber security will evolve. But in what ways? Will the balance of the cyber war change, or will hackers still reign supreme? Information Age asked ten cyber security experts for their views on how the cyber security landscape will evolve in the next five years.
>See also: Cyber security is a ‘people problem’
Security vendor Check Point’s regional director for Northern Europe, Nick Lowe, suggests that the standard cyber security practice will see automated responses to cyber attacks.
Cyber security defences will use more intelligence, big data analysis and machine learning to automatically identify threats and work proactively to expose and correlate the full operation of new cyber attack campaigns, he says. For example, a new attack might start with a malicious link being sent in an email to an Office 365 cloud.
The security solution will identify this, block the attack and upload the ‘indicators of compromise’ of the attack – that is, how it works – to a cloud-based threat intelligence service, which correlates it with other attack types.
‘So new attacks using that malicious link or website – for example, sending it by WhatsApp or SMS – get blocked automatically, before the attack can take hold. These attacks might otherwise seem unrelated, but in fact they could belong to a single attack campaign that is targeting an organisation using multiple vectors.
‘This threat intelligence and analytics capability is the equivalent of vaccinating networks against new infections as they emerge – building immunity that protects organisations before new attacks can be effective.’
Ian Smith, CEO and founder of Gospel Technology, believes that blockchain will be essential in protecting data from malicious attacks.
One way to tackle this issue of cyber security is with the use of a distributed ledger system, better known as blockchain, which guarantees the integrity and identity of the content appended through decentralised validation.
‘Once recorded, this data cannot be changed, ensuring provenance and history for the key trust indicators of the digital assets,’ says Smith. ‘For data regulation, these are bound to a cryptographic hash and can then absolutely guarantee the integrity of the data.
‘The application of blockchain in this space will see that trust return in the next few years as completely unbreachable systems are introduced to the market that allow perimeterless but controlled private distributed ledgers.’
Collaboration through unification will be an essential part of the evolution of cyber security over the next five years, according to Sándor Bálint, security lead for applied data science at Balabit.
‘One of the things that we are surely going to see in the field of cyber security is convergence,’ he remarks. ‘In particular, convergence of data, technologies and skills.’
Convergence of security-related data
‘Organisations need to gather, store and correlate information coming from various sources, continuously expanding both coverage and depth of data, including raw sensor data, system logs and threat information,’ says Bálint, ‘naturally followed by an increased need for faster and more intelligent analysis of large volumes of data for security-related information.
‘They need to have comprehensive visibility in order to spot potential cyber threats and to successfully defend against them. Without recording the data, they are flying blind. Without correlating data from different sources, it is impossible to identify complex patterns.’
>See also: 10 cyber security trends to look out for
Convergence of security technologies
Bálint continues, ‘Convergence of technologies will mean better integration possibilities between vendors of different products, inclusion of advanced analytics into various security products, security getting a more prominent place in non-security products and a renewed interest in data integration and analytics products specifically tailored to cater for the needs of information security.’
Convergence of skills
‘For a successful cyber security defence programme, skills are needed in information security, physical security, software development, engineering, data science and IT administration, as well as psychology, law, economics, law enforcement and education (and more),’ comments Bálint, ‘and they need to work together efficiently.’
The reason that such convergence of data, technologies and skills in cyber security defence is so significant is that a similar convergence can be observed in cyber security offence, judging from the increasing sophistication of current cyber threats.
The cyber skills gap is an issue that is holding back innovation and advancements, not only in the cyber security sphere but in the general digital market. Philip Hammond, in his Spring Budget, sought to address this with mass investment and the introduction of T-Levels. It is firmly on the government’s agenda to make the UK able to compete on a global scale.
Within cyber security, Geoff Smith, managing director of Experis UK & Ireland, believes that addressing the cyber skills gap will help the industry move forward.
>See also: Cyber security from a hacker’s perspective
‘With the threat of cybercrime showing no signs of abating, employers are committed to ensuring that IT security skills are embedded into their organisation for the foreseeable future,’ he says. ‘Linked to this is the increased need for internal training and development opportunities.
Businesses must foster a culture of learnability and upskilling to equip existing and new security professionals with the right tools to defend against future attacks.’
The demand for IT security talent is at an all-time high. Over the next five years, those organisations that are looking to plug the skills gap will be willing to pay more than ever before to bring in the right people with the right experience at the right time to ensure that their business doesn’t become the next cyber security headline.
5 The consumer
Doug Clare, vice president of cyber security solutions at FICO, envisages a change in consumer attitude towards cyber security as one way that this industry will evolve. ‘Consumers will care a lot more about their own cyber security,’ he says.
‘The great doorbell hack of 2016 kicked off the year with a loud “ding-dong”. Hackers figured out that smart home devices such as doorbells and refrigerators are gateways to home Wi-Fi networks and Gmail logins respectively – and surely that is just the beginning.’
As consumers embrace more Internet of Things (IoT) devices within the home, and more and more of their daily affairs (like banking and shopping) are conducted online, the security of their home technology environment will become extremely important.
‘I predict that in the coming years new services will emerge that allow consumers not only to protect but to evaluate and improve their own cyber security,’ Clare adds.
6 Public sector
As mentioned earlier, Hammond’s Budget looked to address the cyber skills shortage. Adam Vincent, CEO of ThreatConnect, believes this interest in cyber security will only increase over the next five years and will be essential in the evolution of the industry.
‘The government will up its cyber security game,’ he remarks. ‘Philip Hammond’s announcement that the UK government would provide £1.9 billion of extra funding for cyber security over the coming years indicates a major step-up in public cyber response.
‘With state-sponsored hacking making major headlines worldwide, we will see governments increasingly moving to block the negative effects of these attacks. Part of Hammond’s announcement related to cyber offence, so we are likely to see not just a reinforced “national firewall” of defence mechanisms but also a redoubled effort in terms of retaliation and retribution.
‘We will also see more collaboration between public and private organisations, as government bodies and enterprises look to benefit from shared information against mutual adversaries. We will begin to move towards a more unified national approach to cyber security based on information-sharing communities, rather than a fragmented, secretive organisation-by-organisation approach.’
Data protection laws are currently outdated for the amount of personal information and data being generated. This will no longer be the case when data protection laws like GDPR and PSD2 come into effect.
As the threat of cyber attacks continues to grow, so does the risk of data loss – as has been evident from multiple breaches, from TalkTalk to Yahoo. ‘In terms of legislative developments,’ says Helen Davenport, director at Gowling WLG, ‘we can look forward to more clarity regarding the implementation of the Cybersecurity Directive which takes effect in May 2018, the organisations that it will apply to and the specific requirements placed upon them.
There will no doubt also be further guidelines and standards, some of general application and others focused on specific sectors perceived as particularly at risk or new, such as autonomous vehicles.
For those caught by further legislation, there will be the additional burden of compliance and the threat of enhanced penalties for failure. ‘In addition, the ongoing challenge that businesses and other institutions face in the area of cyber security is that most countries, including the UK, do not have a single law regarding cyber security. Instead, there is a patchwork of laws, regulations and guidance that has been developed in response to the cyber security threat,’ says Davenport.
‘Staying abreast of the law, regulations and guidance and putting in place proportionate cyber security measures can therefore be difficult, particularly in organisations with extensive and complex systems.
New legislation and guidance is in the main likely to supplement rather than replace what already exists.’
8 IoT exposure
Devices connected by the IoT have already been exposed as vulnerable in recent DDoS attacks that took over the insecure devices to attack critical infrastructure. James Plouffe, lead solutions architect at MobileIron, believes this trend will continue during the years to come.
‘Over the next five years, there will be an ever-growing urge across the tech industry to leverage the IoT for anything from automating data collection to programming manual actions in the physical world,’ he says.
‘However, this push towards IoT adoption will increasingly leave organisations vulnerable to attack. The DDoS attacks against the Post Office, TalkTalk and Dyn were launched through IoT devices like cameras and DVRs, highlighting the lack of intrinsic security in many connected devices. Cybersecurity will need to evolve to protect against these vulnerabilities with a solution that’s secure by design and built for scale.’
Recent cyber security reports, for example Verizon’s 2017 Data Breach Investigations Report, have highlighted ransomware as the biggest current cyber threat facing organisations. Pieter Arntz, malware intelligence researcher at Malwarebytes, feels this will continue.
‘Inevitably, different ransomware families will continue to evolve over the next five years in a fairly unpredictable manner,’ he comments.
‘As the recent resurgence of Locky has shown, anything could happen – from big comebacks to bold copycats. However, while it may not be easy to predict which specific ransomware families will dominate, it looks very likely that the use of ransomware-as-a-service (RaaS) will only continue to grow. This means that anyone with the right cash can become a cyber criminal, irrespective of the level of cyber skills they might have.’
10 It’s war
The evolution of cyber security over the next five years will see mainstream adoption and use of artificial intelligence within cyber products and organisations as a new cyber discipline, says Paul Calatayud, chief technology officer at FireMon.
‘New threats will emerge beyond malware and shift towards human threats, insider threats, corporate espionage and targeting executive leadership from nation states,’ Calatayud adds.
‘We could very likely experience our first public cyber war between two nations, thereby establishing a new evolution of the battlefield for years to come.’