The need for better use of technology is the key issue faced by the cybersecurity industry in 2019, according to Infosecurity Magazine’s annual State of Cybersecurity Report, launched today at Infosecurity Europe. The report outlines in-depth research carried out to determine and explore the key trends and focus areas driving the cybersecurity industry, now and in the future, based on interviews with 60 security leaders worldwide.
The need for better use of technology was cited most frequently, by more than a third (35 per cent) of respondents. This is closely followed by the human factor (31 per cent), then compliance (25 per cent), which was the leading trend in 2018, most likely due to the imminent GDPR deadline. To round up the top five issues in 2019, security leaders cited the need for engagement between the company, the board and the security team (18 per cent) and automation and machine learning (18 per cent) in fourth and fifth place.
Respondents highlighted the need for products and solutions that provide greater defence and detection capabilities. Many referred to problems with the convergence and consolidation of technology as the threat landscape gets bigger. A number of contributors cited as an issue the fact that the basics are often skipped. Other challenges cited included complexity, a lack of interoperability, and legacy technology working with advancing technologies, with companies often still running software and platforms that are out of date, unpatched or full of vulnerabilities.
The human factor is considered to be the second key industry driver – encompassing the current skills shortage, the need for better training, and the continued analysis and review of whether the ‘human is the weakest link’. Respondents had differing views on how these issues can be addressed – with better education, rethinking recruitment approaches and adoption of more user-friendly technologies that will help limit human risk among the solutions recommended.
One contributor to the report, Martin King, CTO of the Football Pools, emphasised the insider risk. He said: “It doesn’t matter how many technical controls security and infrastructure teams put in place, the simplest and often quickest path to a breach is through social engineering. We can put the most sophisticated technology in the world in place, but if a user gets a phone call from tech support asking them for their password and they oblige, it’s game over.”
Compliance was the standout industry trend in the 2018 report but has dropped to third place this year. That said, respondents indicate that regulatory controls will remain a driver in the EU and beyond. Many noted that the introduction of GDPR has had both positive and negative impacts. Some mention concerns around how the ‘shelving’ of projects to make way for compliance projects may have hindered the industry, while others point out that data protection regulators have not actually been enforcing the standards. However, they believe GDPR and other compliance regulations have done a lot to promote the cause for effective incident response.
The need of the business to engage with security teams, and vice versa, is also a key factor. Respondents recognised that the security team must understand the objectives of the business and what it is trying to achieve to have a better chance of protecting it. Equally, if the business understands the role of the security team and its policies and challenges, there is a better chance of building a more secure culture.
According to many of those surveyed, artificial intelligence (AI) and machine learning are a key trend. Respondents voiced concerns about the reliability and hype surrounding autonomous technology, yet the overall feedback is generally positive: the benefits of automated systems cannot be ignored.
According to Nicola Whiting, CEO of Titania, machine learning and AI are here to stay. “They’re the only viable choice for defence at scale – but time does need to be taken to allow it to mature and become more consistent in its delivery. One of the key changes needed to deliver viable, AI-driven autonomous mitigation and defence will be the movement away from legacy technologies which create probabilistic data, such as scanners, towards those sources that create deterministic data, for instance event data and configuration analysis. This will be an essential requirement as any AI empowered to make defensive decisions will be extremely reliant on data accuracy.”
As well as the current cybersecurity drivers and trends, Infosecurity Magazine asked respondents what they thought would drive the industry forward in the next five years. Advanced automation is by far the standout trend, with 36 per cent of respondents citing it. The notion that there needs to be more patience with AI’s capabilities, and an avoidance of complete reliance on it, is common. Elsewhere, the responses very much follow current trends, with board interaction, attacker mentality and the human factor all proving popular.
Other trends mentioned as important include: