Why the 2020s will be the decade of cyber intelligence
As the world is becoming increasingly digitalized, cybersecurity threats have evolved in ways that were unimaginable a decade ago. In the recent U.S. Presidential Election, misleading content made headlines as the Cybersecurity and Infrastructure Security Agency (CISA)’s top security concern, alongside cyberattacks and foreign interference.
Today’s attacks are not confined to networks and edge devices; they are also carried out online, in private forums, and across social media. They often go undetected, yet can cause significant reputational and financial harm to governments, organizations and companies of all sizes.
Cybersecurity products and services primarily focused on protecting technology are no longer enough. The greater need for awareness will usher in a new era of Cyber Intelligence, which will define the next decade of cybersecurity while opening opportunities for innovation and entrepreneurs.
Starting from the bottom
How will this evolve? We expect the transition to cyber intelligence to be primarily driven by next-generation security startups. Unlike many other enterprise technology verticals, buying the incumbent security solution simply isn’t enough. A CTO doesn’t always need the newest networking equipment, but a CISO with a similar mindset may not have a job for long.
This dynamic has fostered a rich ecosystem of cybersecurity startups and is a major component of why venture capitalists invested $7.2 billion in cybersecurity startups last year – an amount the industry is positioned to exceed in 2020.
The next generation of cybersecurity
Cybersecurity has always been about two fundamental elements: visibility and control. We believe that the need for these elements has now extended past traditional cybersecurity – protecting data centers and devices – to cyber intelligence – defending individuals, brands, and intellectual property.
The next decade of security companies, many of which have yet to be founded, will have a fundamentally different approach than the current generation. These startups will utilize cyber intelligence to combat and predict digital threats to each vector.
The scale of the phishing problem requires both technology (cybersecurity) and human (cyber intelligence) solutions.
Security today is often considered to be a technology problem, yet the reality is that nine out of ten breaches begin with a targeted phishing email attack. (Phishing is a form of social engineering, where the attacker deceives their targets into divulging personal or confidential information for fraudulent purposes.) Cold-call phishing emails are being replaced by those that take advantage of real human relationships and are, unsurprisingly, more effective. In the near term, these challenges are further exacerbated by COVID and the shift to remote work.
Phishing techniques, from business email compromise to whaling, reinforce the rudimentary conundrum of security: it takes only one bad actor or unintentional mistake. In addition to email security and cyber training, CEOs and other high-profile individuals should consider proactively protecting themselves from credential theft and impersonation. This summer’s Twitter hack was the result of a social engineering technique that led to employees unintentionally providing their credentials to a hacker’s dummy site. In the future, we expect that active monitoring of the dark web to alert individuals to stolen personal information will move from a “nice to have” to a “must have.”
As disinformation campaigns become more costly to brands and organizations, we will need solutions that not only respond to these attacks but also learn to predict them.
The modern consumer obtains information through website reviews, social media, and other public online sources. The distortion of digital content – including disinformation – can meaningfully impact the brand reputation of a company, organization, or individual. The deliberate spreading of false information also extends to public health and electoral integrity. There are some forms of brand protection available today, such as DNS monitoring to protect against the use of trademarks or otherwise abusive registration of domain names (“cybersquatting”). However, the reality is that most monitoring systems cannot do this effectively across the volume of individuals, markets, languages and geographies involved.
Existing solutions are primarily reactive, exemplified by the reality that the largest social media players like Facebook and Twitter are still highly reliant on human efforts for detection. An emerging use case for artificial intelligence and machine learning is to augment human analysis for a higher level of accountability and content moderation on such platforms.
Enterprises need zero-trust technology and greater contextual awareness in order to secure their IP proactively.
Securing an enterprise’s intellectual property has always been a core tenet of cybersecurity. Yet data loss protection (DLP) is mostly a failed technology – traditional solutions are rules-based and thus difficult to maintain at scale, lack visibility, and often lead to false positives. They are also useless outside of the network; therefore, while they may be enough to protect against accidental data leakage, they can be easily circumvented by a motivated insider.
Given that a company’s IP is likely to be its most valued asset, data security will eventually move to a zero-trust model where permissions to access data are by exception rather than by rule. At the same time, cyber intelligence will be leveraged to monitor data movement and user behavior in order to predict, prevent, and respond to leakages in a timelier manner.
The digital risk landscape continues to expand in both depth and breadth, with very real implications on business resiliency. Yet an organization looking to enable cyber intelligence today will likely be cobbling together a solution from various endpoint protection, threat intelligence, and security service providers.
As such, we expect to see more innovation and focus in cyber intelligence over the next ten years. We would encourage security professionals, C-suite executives, and board members to seriously evaluate these solutions to protect their digital assets, beyond building a firewall.