Prisco, president & CEO, Quantum Xchange
Prediction: Quantum computers will advance far quicker than predicted, leaving enterprises scrambling to become quantum safe. The first true use of quantum computing will be in nation-state cyberwar activity and not a commercial application. By the end of 2020 it will be evident that RSA 2048 will be doomed in under 5 years, when a nation state like China or the U.S. will have a quantum computer capable of decrypting current encryption paradigms. Quantum computing will be just the latest of many technologies, including nuclear technology, the internet and satellite navigation, that started out in government and military use.
Das, CTO, Blue Hexagon
First malware using AI-Models to evade sandboxes will be born in 2020. Malware developers already use a variety of techniques to evade sandboxes. A recent article explained that “Cerber ransomware runs 28 processes to check if it is really running in a target environment, refusing to detonate if it finds debuggers installed to detect malware, the presence of virtual machines (a basic “tell” for traditional sandboxes), or loaded modules, file paths, etc., known to be used by different traditional sandboxing vendors.” In 2020, we believe that new malware–using AI-models to evade sandboxes–will be born. This has already been investigated in academia. Instead of using rules to determine whether the “features” and “processes” indicate the sample is in a sandbox, malware authors will instead use AI, effectively creating malware that can more accurately analyze its environment to determine if it is running in a sandbox, making it more effective at evasion. As a result of these malware author innovations and existing limitations, the sandbox will become ineffective as a means to detect unknown malware. Correspondingly, cybersecurity defenders’ adoption of AI-powered malware defenses will increase.
Merza, head of security research, Splunk
MITRE ATT&CK will become the go-to framework and common vocabulary for every SOC. For organizations required to have the most aggressive stances on security, such as financial services and healthcare, ATT&CK is already the go-to framework. In 2020, it will become a basis of conversation for security operations center (SOC) teams in other industries, including retail and manufacturing, as they mature their security postures.
Yehuda Lindell, CEO and Co-founder, Unbound Tech
New methods of protection will continue to grow as blockchain/cryptocurrency becomes an increasingly attractive crime target
We are seeing more institutional interest and investment in the Blockchain world, and the hype is falling away. This is good news for the space in general and means that real work can get done. The other side of this is that there are more real solutions that utilize blockchain, and as cryptocurrencies continue to thrive, they will become more and more of a crime target. Fortunately, since the organizations in this space are typically young and agile, and the threat is real and immediate, they will respond quickly. As such, I believe that attacks and crime in the space will continue to rise, together with a tightening of security and deployment of new methods. Secure multiparty computation as a solution to protect the signing keys used to authorize transactions on blockchains will grow quickly, as this provides the best tradeoff between security and functionality, in my opinion. Other solutions will continue to be used as well (cold wallets, multi-sig, etc.) and the use of multiple technologies together for different use cases will grow.
Prigge, president, Jumio
Facial authentication goes mainstream. There’s been a healthy degree of confusion between facial recognition and facial authentication, but the underlying technologies are often very different and designed to address different use cases. For consumers and businesses alike, facial authentication is a win-win. Unlike facial recognition systems which are often performed without the user’s consent, facial authentication is permission-based and provides high levels of security and assurance to a user while letting them seamlessly access their own accounts or devices. The elegance of facial authentication is that the user does not need to be subjected to the entire identity proofing process — they just need to take a new selfie when then log into their favorite app or perform some high-risk transaction (e.g., wire transfer or password reset). In 2020, we anticipate that c facial authentication will continue to grow in popularity and continue to be used as a trusted technology for identity verification. –
Sehic, global director of cybersecurity, Honeywell Building Solutions
Four predictions on the future of cybersecurity for connected and smart building systems and Operational Technology (OT).
1. Buildings will likely see an increase in cyber related threats, as OT systems are, in some instances, being targeted to directly manipulate operations and as a bridge to IT data
2. Cybersecurity for OT is expected to become a key safety and security metric for many businesses in 2020 as digitization and the interconnectivity of systems potentially opens up new routes of access for cyberattacks
3. Demand is expected to increase for a new type of security professional as OT and IT responsibilities often overlap. The industry will have to quickly adapt/foster a learning environment to help this new talent pool grow
4. A global standard for cybersecurity is expected to become a top priority across industries, as businesses make bigger strides toward securing their OT systems against increased cyber threats
Lemos, VP of research and intelligence, BlackBerry Cylance
Changing network topologies challenge traditional assumptions, require new security models. Network-based threats that can compromise the availability and integrity of 5G networks will push governments and enterprises alike to adopt cybersecurity strategies as they implement 5G spectrum. As cities, towns and government agencies continue to overhaul their networks, sophisticated attackers will begin to tap into software vulnerabilities as expansion of bandwidth that 5G requires creates a larger attack surface. Governments and enterprises will need to retool their network, device and application security, and we will see many lean towards a zero-trust approach for identity and authorization on a 5G network. Threat detection and threat intelligence will need to be driven by AI/ML to keep up.
Hassan, co-founder and CEO, White Ops
In 2020, identification will become harder as cybercriminals start to leverage identity targeting to harvest and sell bot identities. Cybercriminals are mastering both how to look more human-like and how to look like more humans and as part of this process, identity harvesting will emerge in a big way. This will entail growing an identity for an extended period of time, eventually creating millions of fake users who can talk and interact with one another. For example, fake social media accounts could be linked to posting fake reviews, and even fraudulent credit cards and bank accounts. Consumers will rely more on brands to police these fake profiles and fake account networks while organizations must utilize technology to combat accounts that are negatively impacting their brand and network.
Barnett, CEO, Semafone
The convenience and ease of sending money from one person to another via apps, like Venmo, is appealing. It is only a matter of time before consumers expect to be able to pay merchants in the same way. As a result, businesses will begin to adopt peer-to-peer payment technologies that are committed to keeping users’ payments secure and protect their personally identifiable information (PII). Additionally, the rise of automation in cybersecurity; Robotic Process Automation (RPA) – This rise will be partly due to the shortage of human cybersecurity professionals and the need for automation to fill the gaps. Growth in RPA technology adoption will continue to be steady – as the technology provides huge cost savings for organizations and amass reduction in repetitive administrative tasks for staff.
Firewall misconfigurations will increase. The sheer volume of rules today is already unmanageable without some form of policy behavior analysis. According to the 2019 “FireMon State of the Firewall” report, manual processes led to misconfigurations accounting for 10 to 24 percent of the changes that require work. With security teams dealing with 25 to 100 manual firewall changes per week, it’s no wonder misconfigurations are at an all-time high and the number of data breaches is following suit. In the coming year, we can expect to see policy complexity increase if better firewall management hygiene is not applied. As unnecessary complexity increases across the infrastructure, you can count on human error and additional risk to enter the picture at an even more alarming rate. The year 2020 could set a new record for breaches as a result of firewall misconfigurations.
Zilberman, senior product marketing manager, Radware
Enterprises are undergoing a massive shift in their IT environments, paradigms, and processes all at once. While this change in technology can accelerate productivity and cost effectiveness, it also makes the CISOs job even harder. Increased distribution of information across various infrastructures, adoption of continuous delivery practices, and the dynamics of frequent changes result in more blind spots for CISOs than ever. Looking ahead to 2020, we can expect more CISOs to invest in technology that enables increased visibility, understanding, and prioritization of alerts and incidents, especially in the areas of multi-cloud, microservices, and IoT devices, where conventional solutions aren’t a best fit.