This post originally appeared on vmblog.com
From political scandals, to the Equifax breach and WannaCry hack, no industry was left unscathed from hackers on a mission in 2017. It’s no doubt that security was top of mind for all organizations this year — if it wasn’t already. In 2018, companies will rethink their security strategy and implement new tactics and measures in order to better protect themselves. There are many ways this will happen, but my bet is machine learning will have a stronger role in security tools, while IT teams shift their focus to better manage automated systems.
Machine learning will play a critical role
With the expansion of DevOps and microservices, today’s software is divided and packaged into much smaller entities — resulting in less complex entities, but more of them, than before. With more entities, it’s difficult to rely solely on manual security configuration and automation must be introduced. However, the fact that each entity is simple, makes it possible to effectively learn and enforce its behavior, creating stronger protection than before. Utilizing the latest machine learning techniques enables the ability to automatically create tight and customized behavioral protection around each microservice. In 2018, better learning in security tools and services will help companies scale security more efficiently.
Companies will rethink management of automated systems
Throughout the past year, we’ve seen that the biggest threats are less about technical defects and vulnerabilities, and more about the challenges organizations face with managing increasingly large, sophisticated, but non-automated, systems. As organizations across all industries and sizes become more software oriented, their security tools and practices are struggling to keep up with new platform’s rapid pace of change. CISO’s are getting pulled in two opposing directions: don’t slow down the innovation in the business, but provide security across a constantly shifting baseline. It’s difficult to excel in both simultaneously. In 2018, IT teams will be required to rethink the way they build and operate security organizations and the staff they hire, to have more depth on automating security practices.
Hacking public opinion is officially a thing
Threat actors that target manipulation of societies and communities of interest at the national and international levels will be more prevalent in 2018. This became common and persistent in the US during 2016 and 2017, and other governments and citizeneries around the world are likely to be similarly affected next year. Further, cyberhacking terrorist activities will likely drive governments around the world to seek more surveillance capabilities, which could further clash with privacy advocates. The debate between government surveillance and privacy will reach new heights, prompting tech companies to increasingly take clear positions in the debate on how they build their products.
Shift left will persist
Continuing the ‘shift left’ of security responsibility, adoption of DevSecOps practices will be critical for organizations looking to avoid breaches of the Equifax scale in 2018. It’s no longer enough to have a siloed security team trying to catalogue and prevent known threats. Applications must be built with security in mind, and to do this, development teams need to be given the tools, information and training that allow them to address risks before code is deployed. These DevOp pipelines will increasingly include security as a mandatory component prior to deployment, meaning developers will need to be progressively conscious of how responsive the projects and companies they build on are to security vulnerabilities.
Follow us on Twitter
Keep up to date with the latest news from TwistlockLabs and TwistlockTeam.
Twistlock Releases Serverless Runtime Defense
A few months ago, we wrote a piece on “The Continuum of Cloud Native...
Why DevSecOps is No Longer Optional
DevSecOps has been a hot topic within tech conversations for a few yea...
Better Together: Announcing The Twistlock Advantage Program
It’s been about three years since we exited stealth with the first g...
My Security Toolset Today Vs 10 Years Ago
It can be easy to forget how sophisticated IT security tools are today...
How to crash the Linux Kernel with a CDROM interaction – CVE-2018-11506
I’ve recently discovered and reported a buffer overflow vulnerabilit...