As an eventful 2016 draws to a close, what should we expect in cybersecurity for 2017? In this blog series, Morphisec’s security experts predict trends and technologies in 2017.
Today’s post is from Morphisec’s Chief Business Officer, Omri Dotan. He analyzes key emerging trends to understand what they mean for the future of security technology.
Trend No. 1: The potential attack surface keeps expanding.
The target surface for advanced attacks is quickly and vastly expanding, from already not effectively protected endpoints to barely secure Containers, Cloud infrastructures, SCADA controllers, IoT and Mobile platforms.
Trend No. 2: Security strategies remain predictable while attackers continually come up with novel attack techniques.
Existing security products continue to defend based on previous attack knowledge and history; the asymmetry between unpredictable attackers to predictable defenders is growing in favor of the attacker.
Trend No. 3: Advanced, evasive techniques are becoming more widespread.
There is an increasing number of broad-based and targeted attacks that are skilled, evasive and focused on a large gains farming approach, i.e. penetrate unrecognized, plan a massive event undetected, and exfiltrate.
Trend No. 4: As a result, corporations keep adding incremental security layers
At a decreasing marginal return but at exponentially increasing cost, complexity and OPEX.
Trend No. 5: The security stack is growing unsustainably heavy.
The world cannot add enough security professionals fast enough to cover all the products, reports, alerts, forensics and remediation required to support this heavier and heavier security stack.
What these trends portend:
We are reaching a discontinuity point, where doing much of the same just a little bit better will not work any longer. Expect in the years to come a new set of innovative products that focus on changing the asymmetry by giving the "unpredictability advantage" to the defender; that will deliver "preemptive defense" in "millisecond response times” and which will reduce security costs. They may be called Moving Target Defense (MTD), Preemptive Deception (Deception), New Generation Endpoint Threat Prevention (NGETP), but their essence will be the same, to paraphrase Benjamin Franklin: "An ounce of prevention is worth a ton of detection."