2019 Security Predictions and Directions

“Drive by” and “watering hole” attacks will become more prominent

Avihai Ben-Yosef, Chief Technology Officer @ Cymulate | Rishon LeTsiyon, Israel

A phishing attack is like giving away poisoned candy and hoping people eat it, but Watering Hole and Drive-by attacks are like poisoning the village water supply and waiting for people to drink. These attacks, carried out via unsecured Internet browsing, can be composed of a variation of ransomware attacks, cryptojacking, exploits, and other malware. The attacks are located on legitimate, widely accessed, and infected websites, so there is a greater likelihood of a higher number of victims being affected. As cybercriminals and nation powers are more sophisticated than ever before with access to advanced knowledge and attack tools, combined with the unsuspecting nature of these attacks, we are likely to see many more of this kind in 2019. These attacks will affect organizations, networks, endpoints, and more, resulting in large monetary and data loss damages. This could be the initial trigger of a full APT attack on an organization or part of a worldwide cyber campaign targeting hundreds of thousands of victims at the same time. 

Brief Biography
Avihai served as a lead technology leader in the IDF’s Elite Intelligence Unit. Previously, Avihai was the Head of the Cyber Research Team at Avnet Cyber & Information Security, where he worked on several projects on behalf of the Israeli Ministry of Defense.

Important Issues:

  • A global shortage of security professionals.
  • Automating an organization’s security procedures and tasks.
  • Prioritization of risks and their associated mitigation procedures.

Direction for CSOs and Decision Makers:

  • Optimize your security spending. Learn how to maximize your current security solutions, ensure the products and services do not overlap, and provide an effective and efficient security framework.
  • Instead of the conventional practice of an annual security assessment, continuously validate your security posture.
  • Stay up to date with the current trends and latest attacks as the attacks in 2019 will spread at an even faster pace.

Cymulate helps companies stay one step ahead of cyber attackers with a unique breach & attack simulation platform that empowers organizations with complex security solutions to safeguard their business-critical assets. By mimicking the myriad strategies hackers deploy, the system allows businesses to assess their true preparedness to handle cyber security threats effectively. Chosen by Gartner as a 2018 Cool Vendor, Cymulate’s SaaS-based platform allows users to run simulations 24/7 from anywhere, shorten the usual testing cycle, and speed up time to remediation.

Supply chain cyber risk

Laura Lee, Executive Vice President of Rapid Prototyping @ Circadence | San Diego, CA USA

Supply chain cyber risk will be one of the biggest issues in 2019 and will require a coordinated effort to address. Risks from third party service providers with physical or virtual access to information systems, poor information security practices, and compromised software or hardware components, are only a few of the vulnerabilities that stem from this issue. Since breaches tend to be less about technology and more about human error, IT security systems won’t secure critical information unless employees throughout the supply chain use secure cyber practices. We’ve seen these types of attacks already and we will see more of them in 2019 as this approach catches on. As companies start to get a handle on their internal cyber risk, they will be learning that they need to look at a broader attack surface and everything that touches them. 

Brief Biography
Laura Lee leads multi-disciplined teams in the development of new capabilities for cybersecurity training and assessment. Her expertise in artificial intelligence and machine learning inspires teams of game designers, cyber operators, and software developers to create immersive and engaging cyber learning solutions for the company. Prior to working at Circadence, she directed the research and development for cyber exercises at Johns Hopkins University/Applied Physics Lab. Laura holds a bachelor’s degree in Aerospace Engineering and Mechanics from the University of Minnesota, a master’s degree in Aerospace Engineering from Notre Dame, and a Juris Doctorate from George Mason School of Law.

Important Issues:

  • Social media infiltration.
  • Cloud migration.
  • Cyber Risk Mitigation with CISO and C-Suite Alignment.

Direction for CSOs and Decision Makers:

  • Adopt a persistent cyber learning strategy to keep pace with evolving threats.
  • Align cyber risk mitigation strategies with business objectives to gain C-Suite visibility and buy-in on cybersecurity as a business risk.
  • Foster a “cybersecurity is everyone’s problem” cultural shift with C-Suite.

Circadence® Corporation is a market leader in next-generation cybersecurity education and learning. Powered by a culture of innovation and the demands of an evolving cyber landscape, Circadence offers cyber range solutions and cybersecurity learning platforms that leverage artificial intelligence and custom content to address critical security challenges for enterprise, government, and academic institutions. Circadence’s solutions deliver persistent, immersive and true-to-life experiences that match and adapt to contemporary threat environments.

AI-infused Solutions Will be Leveraged as Security Becomes More Outcome-Oriented

Gaurav Banga, Founder and CEO @ Balbix | San Jose, CA USA

Traditionally, security programs have focused on completing point projects, checking items off to-do lists without fully understanding whether or not the projects had any meaningful impact on overall security posture. Recently, companies more and more are realizing they can’t afford to spend time and resources completing projects without knowing for certain those actions are having a positive impact on reducing overall risk. In 2019, we will see a shift in companies leveraging advanced tools that benchmark risk and identify the mitigation actions that will most impact and strengthen security posture. As organizations focus more on the actual outcome of their security activity and the effectiveness of the tools they deploy, AI-based solutions will play a bigger role. With the number of cybersecurity threats growing every day and increased digitization of assets/processes vulnerable to those threats, it is mathematically impossible for humans to manage the task of sifting through hundreds of thousands of vulnerabilities to determine which to prioritize. AI tools that continuously monitor all assets and proactively predict what vulnerabilities are most likely to be exploited are absolutely essential.

Brief Biography
Gaurav Banga is the Founder and CEO of Balbix, and serves on the boards of several companies. Before Balbix, Gaurav was the Co-founder & CEO of Bromium and led the company from inception for over 5 years. Earlier in his career, he served in various executive roles at Phoenix Technologies and Intellisync Corporation, and was Co-founder and CEO of PDAapps, acquired by Intellisync in 2005. Dr. Banga started his industry career at NetApp. Gaurav has a PhD in CS from Rice University, and a B.Tech. in CS from IIT Delhi. He is a prolific inventor with over 60 patents.

Important Issues:

  • Organizations simply don’t have the resources for their security teams to be completing projects without clearly understanding what kind of an impact those projects will have on reducing the company’s overall risk.
  • It is mathematically impossible for security teams to monitor and respond appropriately to all vulnerabilities.
  • Even the largest security team comprised of the most skilled IT professionals can’t effectively prioritize which actions to take first in order to secure the most important business assets without the help of AI.

Direction for CSOs and Decision Makers:

  • Focus security team’s efforts on benchmarking company risk and taking properly prioritized actions/completing projects to measurably improve resilience and reduce risk.
  • Leverage advanced AI- and ML-based security solutions to keep pace with the constantly growing number of threats and your organization’s attack surface.
  • AI will NOT replace human security pros. Humans will still be needed to act on the information that AI and ML tools produce, and will focus more on the larger strategy behind your company’s security posture and help the security program become more outcome.

The Balbix breach avoidance platform, BreachControl™, is the industry’s first system to leverage specialized artificial intelligence (AI) to provide comprehensive and continuous predictive assessment of breach risk. Visualized via a searchable and clickable risk heat-map, it is designed for CISOs, CIOs and IT security teams. BreachControl can forecast critical breach scenarios and prioritize/recommend fixes by business risk, improving security operations, compliance and cyber-resilience.

Identities will become the new security perimeter in 2019

Balaji Parimi, Founder and CEO @ CloudKnox Security | Sunnyvale, CA USA

In 2019, the big cloud providers will start to realize that most enterprises are not going to migrate 100% of their applications to public cloud and will focus on delivering solutions that provide a seamless hybrid cloud experience. This will further blur the definition of the security perimeter, effectively making “identities” the new perimeter. Couple this paradigm shift with the unprecedented levels of automation that give identities vast power and enterprises will begin to rethink their approach to managing identity privileges across clouds. Enterprises will move away from depending on static role-based access controls (RBAC) to manage identity privileges and will start to turn to more dynamic authorization models (like activity-based controls) to achieve the principle of least privilege.

Brief Biography
Balaji Parimi is Founder and CEO of CloudKnox Security, a cloud security company that empowers organizations to manage the identity privilege lifecycle across private and public cloud infrastructure. Prior to founding CloudKnox, Balaji was VP of Engineering and Operations at CloudPhysics, Staff Engineer at VMware, Architect and Technical Lead at 8X8, and Senior Software Engineer at Quality Call Solutions.

Important Issues:

  • Shadow infrastructure will emerge and take center stage.
  • The rise of non-human identities will make insider threats tougher to mitigate.
  • The proliferation of identity privileges across private and public cloud will render current manual management approaches obsolete.

Direction for CSOs and Decision Makers:

  • Get a true understanding of your insider threat risk posture by gaining deep visibility and insight into the activity and privileges of every unique human and non-human identity within your environment.
  • Implementing a solution that leverages a static Role-Based Access Control (RBAC) model will not work if you are trying to achieve the principle of least privilege in the cloud. Consider a dynamic authorization model that continuously monitors the activity.
  • Managing identity privileges should not be about restricting privileges and inhibiting productivity but about giving identities – whether human or non-human – the authority to use “just enough” privileges to perform their day-to-day jobs.

CloudKnox delivers a single platform for managing the entire identity privilege lifecycle across hybrid cloud utilizing a revolutionary Activity-based authorization model. This groundbreaking approach offers a non-intrusive way to manage identity privileges and protects organizations’ critical infrastructure from malicious and accidental misuse of credentials.