This is a very interesting year for Innovators. For one thing we had fewer companies this year than in previous years. I attribute that to the efforts necessary over the past couple of years to address the rash of large-scale attacks and the convergences that have been taking place within the industry. Many of our former Innovators have innovated their ways into mergers and acquisitions and in some cases disappeared from the security scene as discrete entities.
However, we have a bumper crop of Hall of Famers this year and the Innovators we do have are about as good as it gets. First, we have seen a reorganization of the industry with ever-increasing emphasis placed on cloud computing. My regular readers know that my view of the cloud is that it is a business, not a technical, construct. That said, from a technical perspective, what cloud computing translates to is “using someone else's computer.” That has huge information security implications.
With those implications has come a whole new emerging branch of our field to address this sort of remote control computing. Also, some traditional areas such as application security have merged into other areas and, while the shift is not yet quite complete, there has been an impact upon the product groupings with which we are familiar.
The one thing that has been clear over the past couple of years is that, as ever, our field is in a constant state of flux. This began when we started to see the impacts of a poor economy and, once that regrouping was well underway, the economy started to rebound and that started a new shifting of emphasis. Then we began to see massive security breaches starting in about 2013 and the tide shifted once again.
One thing that I found quite interesting this year, however, was the nature of some of the innovations our regulars were exploring. In a couple of cases, the companies have shifted their emphasis to address new challenges. But, like all successful companies, these folks did not start a whole new river…they simply redirected the course of the old one into new paths. The results may well prove spectacular over time. As I was chatting with these companies I had more than one flash of “Wow! I wish I'd thought of that!”
I usually pride myself on the clarity of my crystal ball, but the extent of my predictions has become more and more restricted as the adversary takes more and more shifts in direction. That said, there are a few – very few – limbs onto which I will venture.
First, the major breaches we saw over the past couple of years are just getting started. We have made a significant paradigm shift in the last decade from the script kiddy/adventurer type of criminal hacker to the well-paid professional criminal. These bad guys may be cyber mercenaries, crimeware developers or freelance crooks in their own rights. But, unlike the hackers and crackers of years past these people are in it for the money.
The other major paradigm shift is the entry of state-sponsored cyberattacks. While today these are largely emblematic of economic warfare, the time likely is not far off where political motivations will take over from simple financial considerations. When that happens – as it is beginning to even now – it will become a matter of semantics when we talk about cybercrime and cyberwar. They will merge into a single paradigm, both using the same techniques and separated only by subtle differences in motivation.
That's where our Innovators shine. They have their crystal balls polished up and are looking to the future as well. The difference between theirs and mine is that these stars – rising or current – are trying to get ahead of the bad guys. If they are successful in forming the rules of engagement into something we can win, it will be the first time in the history of cybersecurity that this has occurred. Looking at this group of Innovators, I think it entirely possible that within a year or two some will have innovated their ways into a winning hand at the cyberwar game.
And that – make no mistake – is where we are likely to be in a couple of years. Even today the difference between cybercrime and cyberwar is minimal. New definitions that include sub-state actors and large organized crime gangs will need to be considered. From the perspectives of the defenders and the incident investigators the differences will become far fewer than the similarities. That may be good news for our Innovators because for the first time we may start to see technical similarities that invite more universal solutions to challenges that themselves have become more universal.
Click here to see a full list of this year's industry innovators.