John
Prisco, president & CEO, Quantum Xchange
Prediction: Quantum
computers will advance far quicker than predicted, leaving enterprises
scrambling to become quantum safe. The first true use of quantum computing will
be in nation-state cyberwar activity and not a commercial application. By the
end of 2020 it will be evident that RSA 2048 will be doomed in under 5 years,
when a nation state like China or the U.S. will have a quantum computer capable
of decrypting current encryption paradigms. Quantum computing will be just the
latest of many technologies, including nuclear technology, the internet and
satellite navigation, that started out in government and military use.
Saumitra
Das, CTO, Blue Hexagon
First malware using
AI-Models to evade sandboxes will be born in 2020. Malware developers already
use a variety of techniques to evade sandboxes. A recent article explained that
“Cerber ransomware runs 28 processes to check if it is really running in a
target environment, refusing to detonate if it finds debuggers installed to
detect malware, the presence of virtual machines (a basic “tell” for
traditional sandboxes), or loaded modules, file paths, etc., known to be used
by different traditional sandboxing vendors.” In 2020, we believe that new
malware–using AI-models to evade sandboxes–will be born. This has already been
investigated in academia. Instead of using rules to determine whether the
“features” and “processes” indicate the sample is in a sandbox, malware authors
will instead use AI, effectively creating malware that can more accurately
analyze its environment to determine if it is running in a sandbox, making it
more effective at evasion. As a result of these malware author innovations and
existing limitations, the sandbox will become ineffective as a means to detect
unknown malware. Correspondingly,
cybersecurity defenders’ adoption of AI-powered malware defenses will increase.
Monzy
Merza, head of security research, Splunk
MITRE ATT&CK
will become the go-to framework and common vocabulary for every SOC. For organizations required to have the most
aggressive stances on security, such as financial services and healthcare,
ATT&CK is already the go-to framework. In 2020, it will become a basis of
conversation for security operations center (SOC) teams in other industries,
including retail and manufacturing, as they mature their security postures.
Professor
Yehuda Lindell, CEO and Co-founder, Unbound Tech
New methods of protection will continue to grow as blockchain/cryptocurrency becomes
an increasingly attractive crime target
We are seeing more institutional interest and investment in the Blockchain world, and the hype is falling away. This is good news for the space in general and means that real work can get done. The other side of this is that there are more real solutions that utilize blockchain, and as cryptocurrencies continue to thrive, they will become more and more of a crime target. Fortunately, since the organizations in this space are typically young and agile, and the threat is real and immediate, they will respond quickly. As such, I believe that attacks and crime in the space will continue to rise, together with a tightening of security and deployment of new methods. Secure multiparty computation as a solution to protect the signing keys used to authorize transactions on blockchains will grow quickly, as this provides the best tradeoff between security and functionality, in my opinion. Other solutions will continue to be used as well (cold wallets, multi-sig, etc.) and the use of multiple technologies together for different use cases will grow.
Robert
Prigge, president, Jumio
Facial authentication goes mainstream. There’s been a healthy degree of
confusion between facial recognition and facial authentication, but the
underlying technologies are often very different and designed to address
different use cases. For consumers and businesses alike, facial authentication
is a win-win. Unlike facial recognition systems which are often performed
without the user’s consent, facial authentication is permission-based and
provides high levels of security and assurance to a user while letting them
seamlessly access their own accounts or devices. The elegance of facial
authentication is that the user does not need to be subjected to the entire
identity proofing process — they just need to take a new selfie when then log into
their favorite app or perform some high-risk transaction (e.g., wire transfer
or password reset). In 2020, we anticipate that c facial authentication will
continue to grow in popularity and continue to be used as a trusted technology
for identity verification. –
Mirel
Sehic, global director of cybersecurity, Honeywell Building Solutions
Four predictions on the future of cybersecurity for connected and smart
building systems and Operational Technology (OT).
1. Buildings will likely see an increase in cyber related threats, as OT systems are, in some instances, being targeted to directly manipulate operations and as a bridge to IT data
2. Cybersecurity for OT is expected to become a key safety and security metric for many businesses in 2020 as digitization and the interconnectivity of systems potentially opens up new routes of access for cyberattacks
3. Demand is expected to increase for a new type of security professional as OT and IT responsibilities often overlap. The industry will have to quickly adapt/foster a learning environment to help this new talent pool grow
4. A global standard for cybersecurity is expected to become a top priority across industries, as businesses make bigger strides toward securing their OT systems against increased cyber threats
Josh
Lemos, VP of research and intelligence, BlackBerry Cylance
Changing network
topologies challenge traditional assumptions, require new security models. Network-based
threats that can compromise the availability and integrity of 5G networks will
push governments and enterprises alike to adopt cybersecurity strategies as
they implement 5G spectrum. As cities, towns and government agencies continue
to overhaul their networks, sophisticated attackers will begin to tap into software
vulnerabilities as expansion of bandwidth that 5G requires creates a larger
attack surface. Governments and enterprises will need to retool their network,
device and application security, and we will see many lean towards a zero-trust
approach for identity and authorization on a 5G network. Threat detection and
threat intelligence will need to be driven by AI/ML to keep up.
Tamer
Hassan, co-founder and CEO, White Ops
In 2020,
identification will become harder as cybercriminals start to leverage identity
targeting to harvest and sell bot identities. Cybercriminals are mastering both
how to look more human-like and how to look like more humans and as part of
this process, identity harvesting will emerge in a big way. This will entail
growing an identity for an extended period of time, eventually creating
millions of fake users who can talk and interact with one another. For example,
fake social media accounts could be linked to posting fake reviews, and even
fraudulent credit cards and bank accounts. Consumers will rely more on brands
to police these fake profiles and fake account networks while organizations
must utilize technology to combat accounts that are negatively impacting their
brand and network.
Gary E.
Barnett, CEO, Semafone
The convenience and
ease of sending money from one person to another via apps, like Venmo, is
appealing. It is only a matter of time before consumers expect to be able to
pay merchants in the same way. As a result, businesses will begin to adopt
peer-to-peer payment technologies that are committed to keeping users’ payments
secure and protect their personally identifiable information (PII). Additionally, the rise of automation in cybersecurity;
Robotic Process Automation (RPA) – This rise will be partly due to the shortage
of human cybersecurity professionals and the need for automation to fill the
gaps. Growth in RPA technology adoption will continue to be steady – as the
technology provides huge cost savings for organizations and amass reduction in
repetitive administrative tasks for staff.
Firemon
Firewall misconfigurations will increase. The sheer volume of rules today is already unmanageable without some form of policy behavior analysis. According to the 2019 “FireMon State of the Firewall” report, manual processes led to misconfigurations accounting for 10 to 24 percent of the changes that require work. With security teams dealing with 25 to 100 manual firewall changes per week, it’s no wonder misconfigurations are at an all-time high and the number of data breaches is following suit. In the coming year, we can expect to see policy complexity increase if better firewall management hygiene is not applied. As unnecessary complexity increases across the infrastructure, you can count on human error and additional risk to enter the picture at an even more alarming rate. The year 2020 could set a new record for breaches as a result of firewall misconfigurations.
Ben
Zilberman, senior product marketing manager, Radware
Enterprises are
undergoing a massive shift in their IT environments, paradigms, and processes
all at once. While this change in technology can accelerate productivity and
cost effectiveness, it also makes the CISOs job even harder. Increased
distribution of information across various infrastructures, adoption of
continuous delivery practices, and the dynamics of frequent changes result in
more blind spots for CISOs than ever. Looking ahead to 2020, we can expect more
CISOs to invest in technology that enables increased visibility, understanding,
and prioritization of alerts and incidents, especially in the areas of
multi-cloud, microservices, and IoT devices, where conventional solutions
aren’t a best fit.
