Cyber Security Trends for 2018
With the new year of 2018, we are just at the beginning of an exponentially growing ‘bull’ industry: Cyber Security. Security technologies are becoming more and more important as any technological advancement is coming into being. The advancements mostly take the casual affairs of our everyday life into a digital area, such as the promising technology of Blockchain, which is not the only functionary to the basis of the monetary systems of ‘coins’ but also available for usage in voting systems and intellectual property affairs.
The year of 2017 indicated a highly promising future for the security technologies. 2017 saw 552 venture deals which were only 297 in 2013. The amount of disclosed funding exceeded $7 Billion. While the size of the early-stage deals decreased in 2017, Series B and C deals grew. This could be a sign that in some sub-sectors of security, the environment of business has become more ‘saturated’ in comparison to other promising sectors of lines. Endpoint security gained Tanium and Czech company Avast as the new ‘unicorns’ who have exceeded $1B in value. The new opportunities that should be seized in this new year seem to be more than promising, both from a technological and commercial point of view. These trends, growing throughout the year, will find their places in the security market and probably will not leave their seats for some time.
First one is the Identity Technologies. Identity technologies aim to prevent our personally identifiable data(PII) from being abused. The issue of identity disclosing the in internet have gained significance and is very much popular for some years. In an era where blockchain technology introduced a more decentralized mechanism consisting of anonymous actors, awareness about privacy was raised consequently. That is also why, European Union has adopted a new regulation called General Data Protection Regulation. The regulation requires organizations to comply with directives included. It will enter into force by 25 May 2018.
The GDPR has in its way created a new business line for companies that have done the thinking: Regtech; that stands for regulation for technology. Regtech companies help organizations to adapt its operations and data reigns to GDPR in order to protect personally identifiable data and ensure user-privacy.
When identities are stolen, like in the Yahoo breach where 3 billion accounts were hacked, the information of the identities can be linked to accounts and data reigns. This allows fraudsters to illegally make online transactions via information they acquired, which may lead to a huge theft of any kind of asset. This paved the way for the second trend: Anti-fraud. Especially with the bitcoin based online currency exchanges, any fraudulent activity is very difficult to trace because of the required anonymity of the actors in the ledger system. When balances are drained of money by ways of phishing, identity theft and so on, an exchange can lose a lot of money, that in turn causing it to lose its credibility and reputation. Many startups are on the rise to provide synthetic, sustainable and feasible security models for such platforms as well as banking systems.
Third one is credential theft. This one is actually one of the simplest hacking methods. One even does not need to have any coding skills because he or she can ‘phish’ the target, by sending an e-mail imitating a trusted party and requesting the login name and passwords of the users. Start-ups now work on artificial intelligence security systems that can conceive and detect any phishing scam.
Furthermore, it has been recently noted and witnessed that centralized systems, how powerful and secure they may be, once captured, can lead to disasters of sheer scales. Centralized systems allow for the control mechanisms of industrial systems, nuclear plants and energy plants that all in all we name critical infrastructures. The infrastructural systems can be controlled and abused once they are captured. Such an activity has the capability of stopping life itself in the sense that we know it, besides also destroying it. So, companies are working on edge systems, which can operate without the authorization and control of a central authority, bearing the utmost care and caution with reasoning capacities enabled by artificial intelligence.
The last visible trend to be considered is firmware and supply chain security. Malwares are more than ever directed to organizations’ hardware that normally manages and provides for functions of the entity in any way, such as through Internet of Things. Taking control of an organization’s operations will enable the controller to siphon balances of the company as well as all the information in the data pool of the company. Through Internet of Things, the hacker can manipulate the industrial operations of the organization, producing spoilt materials and services.
A further area for more trends on the way is obviously artificial intelligence. It is racing in advancements from day to day. Autonomous learning capabilities are developing by every second. Artificial intelligence stands as a basis for work lines like threat intelligence and deception security as well as infrastructure security. The nature of the technology is remarkable as it is in the most parts not developed but on the contrary it develops itself. It will empower itself to detect malware and even the threat itself before its initiation. Thereby, it will secure its instant response plan and in continuation adapt its resilience plan to the situation at hand.