It’s the time of the year where everyone makes predictions for the following year. But rather than focus on predictions, I’d like to zero in on long-term trends that will have a broad, far-reaching impact. So without further ado, here are three of them:
The risk rhetoric around cyber breaches will shift from one aimed at confidentiality to one increasingly focused on integrity and availability. Typically, when we talk about breaches, more often than not we’re talking about compromised company data or customer information. Many of the recent large breaches in the news reflect this. Cyberattacks that seek to compromise confidential or personal information are fundamentally attacks on the confidentiality of information. However, as we look toward the world of connected devices, breaches in that world will affect the functioning of those devices.
In other words, cyber breaches in the world of connected things or the internet of things (IoT) will impact either the availability of devices or the integrity or functioning of those devices. And this is a much more serious threat than what we are used to today. Cyber breaches that affect the integrity or availability of devices can be life-threatening, and consequently, the risk, cost and threat levels associated with such breaches will far outweigh anything that we are seeing today. An example that comes to mind is medical equipment vital to a patient’s survival such as a respirator or insulin pump. While we as an industry are perhaps reaching the point of breach fatigue, I think the bigger set of issues lie ahead of us.
The use of machine learning (ML) will increasingly proliferate across all aspects of cybersecurity. With recent advances in technology, the use of ML is no longer something mystical, futuristic or confined to the academics. Rather, ML is fast becoming mainstream, with open-source and commercial offerings targeted toward cyber defense. Massive compute and storage capacity at affordable prices and infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS) offerings are making ML-based solutions easier and more affordable to deploy.
More significantly, however, is that the algorithms around ML, both focused around supervised and unsupervised ML and the toolkits around them, are rapidly advancing in capability and maturity, particularly in the finance sector. Even the ability to throw massively parallel graphics processing unit (GPU) systems toward ML-based computation is now becoming mainstream with the availability of user-friendly toolkits, APIs and third-party integrations. With these advances, threat intelligence researchers, technology companies, academic institutions and InfoSec teams will all increasingly attempt to apply ML-based solutions as a way to fingerprint bad actor activity, build more accurate baselines into normal behavior and surface anomalies against that. Key to the success of this is access to relevant and targeted training data that is used for supervised and unsupervised ML. Here, too, the content-rich network traffic data and metadata, which hitherto were harder to come by, are now becoming easily available. This is one promising and long-term trend that can significantly advance cyber defense.
Any talk about long-term trends would be remiss without a discussion on blockchain. I am referring to the underlying technology behind Bitcoin — not the cryptocurrency itself. The distributed ledger mechanism of blockchain is very amenable to solving many of the broader problems we face today. While smart contracts seem to be the buzz today around blockchain, the real power lies in harnessing it for fundamental and discontinuous shifts in how we think about trust and the role of centralized trusted authorities. These include governments, banks, clearinghouses, credit verification agencies and others. Our long-standing reliance on central authorities has created both monopolies and choke points that cybercriminals have been able to target with massive impact.
For example, take the case of the Equifax breach that revealed a record number of user identities. Rather than having a handful of central authorities that control the data of hundreds of millions of users, we should consider models with each user’s credit history protected as part of a blockchain with access rights controlled by the user as needed, such as for credit verification. Leveraging blockchain in this way would fundamentally change how we think about credit reporting, privacy and the ability to access that information for credit history verification.
There are other challenges that will arise, of course, and blockchain itself will need to evolve. However, the overarching point is blockchain has the potential to create discontinuities that can change and reshape the very notion of the role of centralized authorities, governments and banks and their involvement in terms of how we conduct business in our day-to-day lives. There is still a long way to go with it, but it’s certainly a very interesting trend to keep an eye on.
From a swing of the cybersecurity pendulum to the increasing ubiquity of machine learning and more, 2018 is likely to be one for the books. How do you foresee the cyber landscape changing in the coming year?
Originally published with Forbes.