Light Dark
December 22, 2020 By Mike Elgan 4 min read
Application Security
Artificial Intelligence
Cloud Security
Data Protection
Endpoint
Security Services

The holiday season is upon us. After a difficult year, and facing an even more challenging year ahead, digital defense experts don’t have visions of sugar plums dancing in their heads. Instead, they dream of cybersecurity tools and other resources to help them cope with a wild threat landscape. 

Here’s our ultimate holiday wish list. 

1. Skilled Cybersecurity Employees

The top thing security experts need is more of them. 

Skilled workers are in short supply. The so-called cybersecurity skills gap is a real problem. There aren’t enough qualified candidates to do the job. And as the landscape grows even more complex, the people who do enter the field specialize more and more. Their highly specific experience, training and credentials make it even harder to hire. 

Although some gains were made in the skills gap, according to the 2020 (ISC)2 Cybersecurity Workforce Study, the field needs to grow by roughly 41% in the U.S. and 89% worldwide to fill the gap. In addition, a majority (56%) of survey respondents say their employers are at greater risk because of the shortage. 

Of course, the reason for the shortfall is the field needs more training, more certification, more education, more awareness at the college level and more attention in general. All that should be the industry’s collective New Year’s resolution. 

2. Cybersecurity Tools for Business Connectivity From Home

In the rush to remote work this year, nobody had time to address the fact that a huge amount of business happens through consumer ISPs ill-equipped to handle the load. Even worse, employees’ personal computers, tablets, phones, gaming systems and consumer Internet of things (IoT) devices are all on the same Wi-Fi network. They use the same router and connect through the same internet service provider. It’s a bandwidth and defense nightmare. 

Meanwhile, threat actors are working night and day to figure out new ways to exploit this ticking time bomb. Expert defenders are doing the same to figure out how to diffuse the problem. 

Think about the implications of remote work. The perfect gift this year would be a separate business network and router in every home for remote workers. At best, it would work only via the company’s virtual private network. It would allow only company-provisioned or approved devices to connect. 

3. Cybersecurity Tools That Require Great Password Management

As much as we talk and read about a post-password future, passwords are very much with us. Talking and training on strong passwords, unique passwords and using a password manager isn’t enough. Far too many employees just do the easy thing and use a never-changing, easy-to-remember password for multiple sites. 

The widespread failure of good password hygiene is one of the things that makes it easy for threat actors to steal data. From there, they gain access to accounts and machines that link to enterprise systems in one way or another. 

One wonderful gift would be operating system-level cybersecurity tools that could be switched on, preventing entry of any password on any site, app or device that didn’t come from an approved password manager. That password manager would require strong passwords that are changed frequently, and could be made convenient for the user with biometrics. 

4. Self-Reporting IoT Devices

IoT devices are great stocking-stuffers, but lousy network citizens. They’re spreading unchecked across industries and inside remote workers’ homes. Large numbers of IoT devices massively increase the attack surface, since they are powerful enough to convey data over the network but not powerful enough to encrypt that data. 

Making matters worse, these devices show up inside enterprise networks without permission. Who knew the vending machine, digital picture frame and smart dog collar were open doors to attacks? 

What we need for the holidays is a new framework for these devices; a standard that blocks their connection unless they adhere to it. Such devices would have to be re-approved every year by security staff and would log and self-report key data into a database. That data would include where the device is; what it is; who installed it; who accesses it and when; and its battery charge level. 

AI-based advanced threat intelligence systems would have access to that database for detecting possibly malicious use. It would provide amazing data for existing cybersecurity tools to better do their job.

The idea would be that no IoT device could be stirring on the network without permission; not even a mouse. 

5. Cybersecurity Tools to Estimate Attacks and Costs

One gift that would keep on giving would be a tool that downloads constantly-updated information about cyber attacks across thousands of entities — the kinds of attacks, estimates of financial damage and other data that could scan the basics of a group’s infrastructure, policies and personnel. This could then estimate the likelihood of damage in dollars. 

Participating groups would anonymously upload their data about all metrics, as well as incidents of attacks and their cost. Next, machine learning algorithms would develop and revise estimates. 

The tool would present cybercrime risk based on probabilities and dollar amounts. So cybersecurity leaders could join budget meetings armed with a cybersecurity budget breakdown that makes sense to non-specialists and business leaders. It could say, for example, that based on the organization’s current overall security profile, there’s a 7% chance the business will have to close from catastrophic attack; 20% chance that cyber attacks this year will cost over $1 billion, etc. 

6. A Cybersecurity Best Practices Virtual Assistant 

Virtual assistants on phones, smart speakers and smart displays are growing in popularity. These mainly help people get the weather, find out trivia about celebrities, set timers and play music. 

What cybersecurity specialists really want is an AI virtual assistant that helps and guides employees on best practices for cybersecurity. When an employee clicks on a link in email, the assistant would intercept the click and ask: “Are you sure you want to do this? Malicious links are the No. 1 source of phishing attacks.”

When another device is added to the network, it could offer to contact IT and notify them about the device. 

A huge percentage of cyber attacks result from exploited employees who get tricked through social engineering techniques into unknowingly helping the attackers gain access. 

A wonderful holiday gift to cybersecurity specialists would be a kind of AI elf that sits on the shelf and helps users contribute to the security of the company through security best practices. 

7. A Cloud of Clouds

The original concept of the cloud was the unification of unspecified remote resources into a single virtual server. The designers of the cloud intended it to simplify these resources, but itself has grown complicated. Now, we have complex hybrid multicloud environments that are becoming increasingly difficult to secure. 

But, what if there was a way to secure and administer all of these as a single unit? It could be a cloud of clouds. 

That’s our holiday wish list for the coming year. Happy holidays, and have a safe and secure New Year.

 |  |  |  |  |  | 
Mike Elgan

More from Application Security
March 13, 2024

PixPirate: The Brazilian financial malware you can’t see

10 min read - Malicious software always aims to stay hidden, making itself invisible so the victims can’t detect it. The constantly mutating PixPirate malware has taken that strategy to a new extreme. PixPirate is a sophisticated financial remote access trojan (RAT) malware that heavily utilizes anti-research techniques. This malware’s infection vector is based on two malicious apps: a downloader and a droppee. Operating together, these two apps communicate with each other to execute the fraud. So far, IBM Trusteer researchers have observed this…

March 5, 2024

From federation to fabric: IAM’s evolution

15 min read - In the modern day, we’ve come to expect that our various applications can share our identity information with one another. Most of our core systems federate seamlessly and bi-directionally. This means that you can quite easily register and log in to a given service with the user account from another service or even invert that process (technically possible, not always advisable). But what is the next step in our evolution towards greater interoperability between our applications, services and systems?Identity and…

February 1, 2024

Audio-jacking: Using generative AI to distort live audio transactions

7 min read - The rise of generative AI, including text-to-image, text-to-speech and large language models (LLMs), has significantly changed our work and personal lives. While these advancements offer many benefits, they have also presented new challenges and risks. Specifically, there has been an increase in threat actors who attempt to exploit large language models to create phishing emails and use generative AI, like fake voices, to scam people. We recently published research showcasing how adversaries could hypnotize LLMs to serve nefarious purposes simply…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature