Cybersecurity is at a tipping point, the sheer volume of breaches, attacks, and threats has become overwhelming. Juniper Research, suggests that the rapid digitization of consumers’ lives and enterprise records will increase the cost of data breaches to $2.1 trillion globally by 2019. About 1.9 billion data records got exposed in the 918 data breaches that occurred in the first half of 2017—up 164 percent from the last half of 2016. According to a recent AT&T Cybersecurity Insights report, some 80 percent of the IT and security executives surveyed said their organizations came under attack during the previous 12 months.
This rising threat trend, coupled with the rapid growth of sophistication in malware, ransomware, DDoS, and social engineering attacks has created a conundrum. How do we protect ourselves in an increasingly connected world?
There is really no single answer or remedy to our digital vulnerabilities. Cybersecurity at its core is risk management: people, process, policies, and technologies. The latter category offers some interesting and useful tools to help survive in the cyber ecosystem.
Nothing is completely un-hackable, but there is a myriad of emerging technologies that can help us navigate the increasingly malicious cyber threat landscape. Some of these cutting-edge technologies include:
- Artificial Intelligence (human/computer interface) and Machine Learning
- Automation and Adaptive Networks
- Big Data: Real-time Analytics and Predictive Analytics
- Biometrics and Authentication Technologies
- Cloud Computing
- Quantum-computing and Super-Computing
Artificial intelligence (AI) has become a major focus area of cybersecurity investments. AI and augmented reality technologies are no longer things of science fiction and many leading companies are already developing technology to distribute artificial intelligence software to millions of graphics and computer processors around the world. Some of the basic activities computers with AI are designed for include: Speech recognition; Learning / Planning; and Problem solving. For cybersecurity, synthesizing data is surely an advantage in mitigating threats.
Machine Learning is the science of getting a computer to act without programming. It often combines with AI and can be thought of as the rapid automation of predictive analytics. In cybersecurity terms, machine learning provides the fastest way to identify new attacks, draw statistical inferences and push that information to endpoint security platforms.
George Washington University’s Center for Cybersecurity and Homeland Security in a symposium on Trends in Technology and Digital Security summed up AI’s cyber role and challenges: “Will AI benefit the attacker or the defender more? AI offers both promise and peril. It will be used for both offense and defense. It is too early to say for certain which side will have the advantage. Cybersecurity firms are using AI and machine learning to prevent attacks, and attackers are using AI to craft and respond to these defenses. The discriminator, however, will be in the AI system that can learn and adapt the fastest.”
Both AI and machine learning can be integral aspects of Automation and Adaptive Networks. Applications for automated network security and self-encrypting drives to protect critical infrastructure in all categories. Automation allows for horizon scanning and monitoring of networks that can report on deviations and anomalies in real time. It allows for automatic updating of defense framework layers (network, payload, endpoint, firewalls and anti-virus) and diagnostic and forensics analysis for cybersecurity. It can also be used for threat vetting through incorporation of analytics in specialized data bases.
Big Data: Real-time Analytics and Predictive Analytics provide an important component for cybersecurity threat intelligence. It can be applied to monitor and detect anomalies in the network and identify new threats without known signatures. It can also be utilized to correlate data from silos to understand the nature of attacks and assess network vulnerabilities and risks. Like AI, machine learning, and automation, data analytics flourishes in the world of software algorithms combined with evolving computing firmware and hardware.
Biometric and Authentication Technologies provides cybersecurity screening in both the network and endpoints. Screening can include numerical passwords, facial recognition scanning, and now screening via bio-signature. Every aspect of your physiology that can be measured can be used as a bio-signature. This includes heart/pulse rates, electrocardiogram sensor, blood oximetry, skin temperature. Multi-factor authentication is especially for securing isolated networks and to combat identity theft.
Blockchain is a peer to peer network with a shared, distributed ledger. Blockchain’s decentralized technology offers cyber-defenses from many types of attacks because it removes single failure points that many often hackers prey upon. It is already being used in the financial sector and offers selective transparency and privacy.
Cloud Computing consists of moving and storing data and applications over the Internet from remote servers. Generally, it offers users cost flexibility, mobility, and increased productivity. For cybersecurity it allows for firewalling and managed security. An advantage of the cloud is you know where the data resides and who is managing its security.
Cryptography and Encryption are vital elements of cybersecurity. In symmetric key encryption, the same key is installed on both computers that transmit and receive the encrypted information. Public key encryption is the Secure Sockets Layer (SSL). SSL is commonly used by browsers and Internet servers when transmitting confidential data. An emerging form of cryptology called Verifiable Identity Based Encryption (VIBE) eliminates the need to protect the public parameters by adding authentication at the application layer. Encryption protect against most cybercriminals and hacktivists because it creates a formidable time and effort barrier for them to breach while they could opt to pursue lower hanging fruit.
Quantum-computing and Super-Computing like AI, has already arrived. IBM, Google, Intel, are all developing quantum computers. It works by harnessing the special properties of atoms and subatomic particles. Physicists are designing quantum computers that can calculate at amazing speeds and that would enable a whole new type of cryptography. Super computers are the engines for future automation. The future is promising. At a 2016 DEF CON conference sponsored by DARPA, supercomputers sans humans, were exposed to bugs including Heartbleed, Sendmail crackaddr, and the Morris Worm which the computers were able to detect and rapidly repair.
There are many other emerging technologies that are part of future cybersecurity toolkit. They include edge computing, virtualization, photonics, hypervisors, hardware based trust anchors, anti-malware detection systems, and converged software defined environments. All will likely be need in various applications for “defense in depth” as our world of connectivity morphs into a trillion-sensor economy with seemingly infinite surface attack vectors that comprises the Internet of Things and Smart Cities.
Unfortunately, it is not only the good guys who will have the new tech. Many of these emerging customizable cyber tech tools will be also available for exploitation by non-democratic sovereign states, organized criminal hackers, and malicious actors. In the future, cybersecurity just as it is now, will come down to a battle of skills, resources, and dedication by trained technicians and leaders.
Also available on Alien Vault