By Andrey Dulkin, Senior Director of Cyber Innovation.
At CyberArk, we’re very fortunate to work with some of the foremost security experts in their fields – both internally here at the company and through our customers and partners. We get a lot of insight into the security landscape and what threats businesses are facing – both those known and unknown to the public at large.
We thought we’d ask some of the thought leaders here at CyberArk what they believe will be the biggest cyber-security trends heading into 2014 and what will have the biggest impact on IT Security.
Today’s thoughts are from Andrey Dulkin, Senior Director of Cyber Innovation.
- State-Sponsored Attacks Will Become Splintered and More Common: The revelations of the spying programs by the NSA, GCHQ, and other intelligence agencies have established a precedent how governments use the Internet and technology for national defense. We will see more and more countries embrace and go beyond this approach – both in terms of passive surveillance and in aggressive cyber-attacks. The major geopolitical players (the West, Iran, China, and Russia) will continue to refine their cyber efforts, which will have a major impact on the powers of rogue nations and state-sponsored terrorist groups. As we’ve seen with Stuxnet, these attacks are dismantled and re-purposed – the attacks become commoditized and trickle down to the rogue elements. We’ll see more attacks of this nature occurring, for a wider array of reasons – economics, politics, and terrorism.
- Encrypt Everything: The fallout of the Edward Snowden breach will continue to have a major impact on everything we do. As companies like Google continue the call to now “encrypt everything,” we’ll see new encryption standards emerge. As encryption methods develop, we’ll also see new frontiers being reached in encryption and hash cracking, whether by novel mathematical methods or by dedicated hardware, such as this 25 GPU-based platform.
- Malware Prevention Hits the Rocks: The death of the perimeter has been predicted to some degree for the past 10 years. While there will also be a market for perimeter oriented technologies, we see wide scale disillusionment with technology like next gen firewalls, sandboxing, etc… primarily driven by the fact that more and more companies will experience targeted breaches, despite having installed these solutions.
- Increased Spending on Insider Threat Prevention: The insider threat is ever present and hangs over every company. The Edward Snowden incident continues to reverberate across industries. This is why we’ll see a much greater emphasis on the person aspect of insider threat prevention in 2014. Companies will spend more money and time on employee screening and monitoring, with a stronger focus on outsourced and contracted positions. We’ll also see a much greater emphasis on monitoring and controlling privileged users.
Read Part 2 of The Advanced Threat Landscape 2014.