As an eventful 2016 draws to a close, what should we expect in cybersecurity for 2017? In this blog series, Morphisec’s security experts predict trends and technologies in 2017.
Today’s post is from Morphisec’s Chief Business Officer, Omri Dotan. He analyzes key emerging trends to understand what they mean for the future of security technology.
The target surface for advanced attacks is quickly and vastly expanding, from already not effectively protected endpoints to barely secure Containers, Cloud infrastructures, SCADA controllers, IoT and Mobile platforms.
Existing security products continue to defend based on previous attack knowledge and history; the asymmetry between unpredictable attackers to predictable defenders is growing in favor of the attacker.
There is an increasing number of broad-based and targeted attacks that are skilled, evasive and focused on a large gains farming approach, i.e. penetrate unrecognized, plan a massive event undetected, and exfiltrate.
At a decreasing marginal return but at exponentially increasing cost, complexity and OPEX.
The world cannot add enough security professionals fast enough to cover all the products, reports, alerts, forensics and remediation required to support this heavier and heavier security stack.
We are reaching a discontinuity point, where doing much of the same just a little bit better will not work any longer. Expect in the years to come a new set of innovative products that focus on changing the asymmetry by giving the "unpredictability advantage" to the defender; that will deliver "preemptive defense" in "millisecond response times” and which will reduce security costs. They may be called Moving Target Defense (MTD), Preemptive Deception (Deception), New Generation Endpoint Threat Prevention (NGETP), but their essence will be the same, to paraphrase Benjamin Franklin: "An ounce of prevention is worth a ton of detection."