As we face up to the cyber challenges that will plague enterprises in the future – many of those challenges as yet not even dreamt of – one thing is certain: attackers will continue to escalate their activities on several fronts, launching ever more complex multi-phased/vector assaults. As we start to build advanced analytics platforms to help us counter our business challenges, these very platforms themselves will become the target.
It’s a worrying prospect. Just stop and think what the impact might be when fully autonomous platforms that control the sale of stocks and shares come under fire. In the days ahead, we will also see attacks against emerging digital payment systems, as well as the manipulation of IoT devices and systems. We must also expect to see cyber-attacks against drone technology and the stepping up of social engineering attacks.
Yet organisations are still widely failing to put in place the proper defences to combat even the threats they face today. No matter how many high-profile attacks are reported – Ashley Madison, TalkTalk, Anthem, CarPhone Warehouse, VTech, JD Wetherspoon – the breaches just keep on coming.
The reality is that businesses can no longer continue to operate a security model that has been decaying for the past 15 years: namely, simply locking down their outside perimeters and hoping not to be breached. As we enter 2016 and beyond, we have to be able to deliver security across any platform – even platforms we may not yet be aware of. We need to envisage a new wave of next-generation security operation centres (SOCs) or cyber defence centres that are completely driven by machine learning and data analytics.
These next generation systems aren’t mature today. But these are the tools that will allow us to see all of the user behaviour of any individual, in any environment, using predictive classification algorithms, which rapidly enable the identification of anyone using falsified credentials to gain access and perpetrate an attack. The future is all about organisations looking at malware across an entire estate, homing in on factors such as increased system memory usage, identifying very early on where their systems have been infected. What we are talking about is behavioural, neural-based analysis, driven by global telemetry – and that will be a critical factor in the years ahead when it comes to detection and protection.
By 2020 we’re probably going to have billions of connected devices, wearables included. That is when we will need to have algorithms that can leverage not only machine learning, but also really understand how humans operate. What we are talking about is redefining the whole security landscape.
As many organisations struggle to understand why the substantial investments they have made in security solutions are failing to keep them safe, they have invested, or considered investing, in their own cyber-trained people as the answer. Yet mostly this has proved cost-prohibitive – even if they were able to find sufficient numbers of skilled people to fulfil that role in the first place.
How, then, is cyber to evolve to meet the security needs of these enterprises in the days ahead? An outsourced, automated approach – with a small retained core team of cyber security professionals – is gaining ever greater traction. At Symantec, we are aligning our roadmap and strategies to provide a Unified Security Analytics Platform Strategy that leverages our unparalleled threat telemetry with next-generation machine learning and big data analytics to solve use cases for threat monitoring, incident response, risk assessment and advanced threat protection. These next-generation analytics and algorithms will provide the heavy analytics that work ceaselessly to detect attacks as they happen and deliver constant protection.
The tools and technology that once kept businesses safe no longer work. Enterprises that hang on doggedly to such ‘solutions’, or simply throw more hardware at the problem, are likely to suffer heavily at the hands of today’s attackers who are unrecognisable from those that sought to infiltrate their organisations in the past. Unless these businesses are prepared to arm themselves with the technology and expertise that will neutralise such onslaughts, the consequences may well prove to be little short of calamitous.
In a recent webinar I talked about the Future Threat Landscape, how technology will evolve and what it means for cyber security.