Security spending is on the rise even as IT allotments fall, creating a conundrum for IT professionals who must deliver top-tier protection in a technology market where cybercriminal innovation and consumer expectations are accelerating.
With 2018 just around the corner, it’s worth knowing what’s on the horizon for network security and where IT focus has the most impact. Below is a snapshot of next year’s top network trends.
Currently enjoying both big hype and serious investment, foundational artificial intelligence (AI) represents the potential for both security benefits and network threats. The notion of man-with-machine AI suggests the ability to offload tedious, data-driven tasks to highly focused machine learning algorithms, which then report to human experts. More advanced applications include intelligent network defense: Imagine an AI system capable of making sound judgments about incoming traffic and resource use, and then reacting appropriately.
On the other hand, purpose-built AI could enable cybercriminals to overcome system defenses and co-opt legitimate network processes for financial gain. Much like fileless malware, if malicious actors can compromise existing, high-privilege AI tools, the result could be total system infection without any signs of attack. Companies need to start earmarking security spend for AI development, but they shouldn’t ignore the secondary impact of malware copycats.
Bitcoin is on the rise and seems unstoppable, while blockchain technology has positive implications for network security as a whole. What company wouldn’t want a shared, entirely visible ledger of all transactions that (theoretically) can’t be compromised?
But there’s another side to cryptocurrency. Cybercriminals have already managed to render more than $100 million worth of Ethereum, a bitcoin competitor, permanently inaccessible. This is a big worry — not that bitcoin will suddenly fall, although that remains a possibility, but that second-tier cryptocurrencies will experience total failure due to blockchain compromise. Plus, what works on one blockchain can be adapted for another, meaning enterprises investing in bitcoin must be cautious when it comes to crypto-inspired confidence.
Network Security Redux
Another network security trend to look out for in 2018, Gartner suggested, is the development of digital twins — virtual representations of real-world entities or systems. With the number connected devices predicted to pass 20 billion in the next three years, it only makes sense to leverage them as links to physical processes and products, allowing enterprises to easily monitor current status, collect valuable data and deploy preventive maintenance tools.
However, compromised digital doppelgängers may have the ability to impact their physical copies. Think of it in terms of quantum entanglement: the notion that two particles created at the same moment can be effectively entangled forever, ensuring that whatever happens to one happens to the other, no matter the distance. Inherently linked digital processes could act the same way, especially as the number of devices outstrips the ability of traditional monitoring solutions.
In other words, by compromising digital copies, fraudsters could produce real-world effects.
Faster is better in our cloud-based world, so it’s no surprise that serverless apps are quickly gaining ground as simple ways to speed online processes such as bill payments and account logins. According to McAfee, these apps are also vulnerable to privilege exploitation and in-transit attacks, since they’re entirely web-dependent and don’t rely on a home server. As these apps trend upward to help manage costs and reduce complexity, companies need to consider the use of virtual private networks (VPNs) and cognitive security measures to ensure that serverless apps don’t lead to security breaches.
An extension of the Internet of Things (IoT), intelligent things are devices and processes designed to act autonomously for a given period of time or to complete a specific task. AI-driven cars are a good example: Emerging technologies reduce the amount of human interaction required to get people from point A to point B.
The problem is that if intelligent devices are compromised, what should be a routine task could be used for malicious purposes. Compromised driverless cars could be stolen from unsuspecting users, while wearable devices could collect and parse information about physical surroundings without user consent. Securing this new network of intelligent things will rocket up the IT priority list as viable attack surfaces grow and organizations become comfortable with the use of intelligent machines in day-to-day operations.
Expect increased security spend through 2018 as enterprises look to manage emerging network security trends, including improved AI, currency competition, digital twins, sans-server applications and things that think.
Listen to the podcast: 5 security predictions for 2018 from IBM X-Force