What Technology Will Most Impact the Future of Cybersecurity? 33 Experts Share Their Insights

Jul 11, 2019

SANTA CLARA, CA, July 11, 2019 (DisruptorDaily) – A computer without a robust cybersecurity framework is the equivalent of a wallet being left on the sidewalk in a crime-ridden neighborhood. In 2019, cybersecurity is nearly as critical to our everyday lives as food, water, and oxygen — without it, our livelihood as we know it is compromised.

But which technologies are working to strengthen cybersecurity as we know it? This is an important question that will partially define the relative stability or chaos of our digital future. These industry insiders know their stuff when it comes to cybersecurity, and they shared their opinions on which technologies are molding the future of cybersecurity. Here’s what they said:

1. Matan Or-El, co-founder and CEO of Panorays

“I believe that machine learning will shape cybersecurity, because today’s threats are impossible to tackle with traditional technologies. There’s an uneven balance between millions of attack vectors that can lead to one breach and just a handful of defenders that obviously cannot keep track. With machine learning, the defenders can play on the same field as the attackers and have a force multiplier through automation. We’re now seeing the beginning of this, but within the next half decade, we’ll see an explosion of security solutions using machine learning.”


2. Jon Rolfe, Group Cybersecurity and Risk Manager at Ventia

“With continued high-profile security breaches now a weekly occurrence, privacy will be a major business and individual consideration. Identity based security solutions need to develop to seamlessly provide secure access to numerous cloud-based services for consumers, while also protecting what personal information they share with each organisation and service. These solutions must address the consumer frustration with hundreds of individual accounts, difficult to use multi-factor authentication solutions and reducing levels of trust with online businesses, services and governments.”


3. Andrew Peterson, CEO of Signal Sciences

“Security budget and resources will reflect the threats organizations face, and the application layer is where the risk has shifted, not the legacy idea of network perimeter. The threats facing an organization today are phishing, compromise of the endpoint, and attacks on everything that you’re exposing at the web layer. Spend and focus have to follow the risk. This means we are seeing a significant shift in investment and focus from traditional network perimeter-based security to defending where the risk for enterprises is today: application and endpoint security.”


4. Noam Erez, CEO of XM Cyber

Noam Erez“It’s hard to pinpoint a single technology that will have the biggest impact, but automated purple teams will play a crucial role. An automated purple team solution on one hand acts as a virtual hacker that is updated with the latest threats, simulating cyber-attacks targeting critical assets and uncovering attack paths. On the other hand it provides key findings on the most critical issues to be fixed. An automated purple team combines and automates traditional red and blue team exercises, that test the network 24/7 to identify any weak points and offer a remediation plan for those that are found. This is an important new cybersecurity tool that is helping enterprises gain the upper-hand on attackers and stay one step ahead of them.”


5. Brian NeSmith, co-founder and CEO of Arctic Wolf

“Enterprises want a security outcome from their cybersecurity investments, and that requires a combination of people, process and technology.

The biggest impact comes from effectively combining technology, people and processes to answer the question, “Is my information safe?”


6. Marty Wachocki, Lead Developer and Partner at Propel Technology

“Multi-factor authentication. While this has been around for a while it’s use is only now picking up.

We’re starting to see this commonplace with the businesses we work with which is a huge step in the right direction for security.”


7. Mark Herschberg, CTO of Averon

Mark Herschberg“Automation and the cloud will be critical to improving security. The average SMB has neither the time nor skill set to stay abreast of that latest vulnerabilities and continually patch. Orchestration tools like Kubernetes, docker, and terraform will allow companies to take proven, off the shelf technologies and regularly redeploy for very little cost. The communities will continually improve the security of the systems and and tools will allow low cost, regular updates. Cloud providers offer another layer, by having a team of professionals to continually monitor and protect. Still the human factor will likely continue to be the weakest link.”


8. Sarbari Gupta, PhD, CISSP, CISA, President & CEO of Electrosoft Services

“I believe AI and machine learning will have the biggest impact on the cyber security industry over the next decade. Cyber security skilled resources are pricey, and demand in the marketplace is outpacing supply. In addition, the amount of data that needs to be analyzed in order to identify and mitigate cyber security risks is rising faster than anyone could have imagined. As a result, cyber security tasks that are repetitive or conducive to automation will rapidly be transitioned to smart tools and technologies that use AI and ML, while leaving the most complex actions and decisions to human cyber experts.”


9. Aaron Turner, CEO of Hotshot

“The business sector is finally working to secure employee communications channels – messaging, email, file sharing and more. It’s not just to protect against hackers and cyber-espionage, but also from new labor laws and strict regulations like GDPR. IT teams are learning how to segment and protect data by WHAT its level of sensitivity is, WHERE data access must be restricted, WHEN access is appropriate and WHO in the organization can see it. This is helping companies protect customers and stop data breaches, legal and regulatory violations and costly fines.”


10. Teguh Aprianto, co-founder of HackSys and Ethical Hacker Indonesia

“Blockchain. Many banks in the world have issued Blockchain on their systems such as Royal Bank of Canada (RBC). They developed a ledger technology (DLT) system based on Blockchain technology, and were named Hyperledger. In addition, Bank OCBC has also used Blockchain technology to transfer funds between OCBC branch offices in Singapore and Malaysia. The money transfer process only takes 5 minutes.

We are aware that data becomes something very valuable. But the data is also wanted by cyber criminals. But with decentralized nature of blockchain technology. The cyber criminals no longer have a single point of entry, nor can they access entire repositories of data in the event that they do get in. This feature is one of the main reasons why enterprises are now considering blockchain as data privacy solution.”


11. Frances Dinha, CEO of OpenVPN

Frances Dinha“Secure connectivity, trust, authentication and authorization between communicating entities for access to resources make up the bedrock of cybersecurity. Therefore, centralized identity management and zero trust networking, if implemented correctly, will have the biggest impact.”


12. Yoni Kahana, VP of Customers at NanoLock Security

“New approaches to control of the growing IoT devices will have a big impact on the industry’s ability to keep up with growing cybersecurity threats – currently these devices typically employ a processor-based approach with security living in the hardware or software, but this leaves devices vulnerable to attacks. One innovative approach is to protect the device’s flash memory itself, creating a root of trust in the flash that facilitates a secure channel all the way from cloud to the flash, making it impossible to attack, even when all other security measures fail. This approach protects the device from inception throughout its entire lifecycle.”


13. Mike Stamas, co-founder of GreyCastle Security

“I think the biggest technologies to impact cybersecurity will be AI technologies that help to bring efficiency and automation to cybersecurity processes that, to date, have only been able to be delivered effectively through human interaction.”


14. Stephen Gailey, Head of Solutions Architecture at Exabeam

“In the upcoming years, user entity behavior analytics (UEBA), which can detect the telltale behaviors associated with attacks will become critical to the cybersecurity industry. It lets you identify an attack earlier in its kill chain, such as during the infection, staging or scanning phases, before encryption occurs. From the onset of its deployment, a behavior-based approach creates normal user behavior baselines, making it possible to track any deviations from the norm. Examples include an illegitimate user who attempts to connect to a domain, or an insider who suspiciously downloads files typically not associated with them.”


15. Ryan Webber, Vice President of Enterprise Mobility at SOTI

“Organizations must adopt a full-cycle mobility strategy to safeguard against cybersecurity threats. Enterprise Mobility Management (EMM) solutions will have the biggest impact on the cybersecurity industry as it enforces security policies for business-critical mobility, from initial device onboarding and protection, through to monitoring and controlling devices during everyday use. As the IoT ramps up, so does the need to secure and manage myriad endpoints. Experts forecast that more than 75 billion connected ‘Things’ will be in use by 2025. That’s 75 billion endpoints delivering essential functionality at the edge of an organization’s network – sensors, printers, scanners, wearables and robots, and many more ‘Things’ we’re not even aware of yet.”


16. Bryan Becker, Product Manager at WhiteHat Security

“AI and machine learning will definitely have the biggest impact on the cybersecurity industry. With this, there will be a need for a new breed of data scientist. What we have already begun seeing is the need for security experts who understand data science and computer science to be able to first make sense of the security data available to us today. Once this data is prepared, processed and interpreted, it can then be used by AI and ML techniques to automate security in real time.”


17. Steve Tcherchian, CISSP, Chief Product Officer, XYPRO Technology Corporation

“With the current volume of data and the rate at which it is increasing, we’ve gone past the point where humans are able to analyze it. We’ve seen a lot of jobs and roles which rely on repetitive tasks being replaced by automation.

AI allows the machine to make decisions based on a variety of factors including reactions that traditionally require human intelligence. We are still a bit premature when it comes to Artificial Intelligence. There is a lot of skepticism on the results, value and even the ethics behind it. We may hit a breakthrough at some point, as the need for this becomes critical.”


18. Joshua Davis, Director of Channels at Circadence

“AI/ML has been explored and been in the process of being developed for decades in marketing and many other domains for years. The availability of these AI/ML technologies through cloud services (e.g., MSFT Azure) will make this more available for other domains. I would expect offerings in the coming years to be more and more AI/ML powered and eventually going to decision support/recommenders driven by this type of technology.”


19. Dirk Morris, Founder & Chief Product Officer, Untangle

Dirk Morris“We should expect to see more and more channel partners and vendors moving towards cloud services for both security and performance reasons. In contrast, direct consumers will be slower to adopt cloud technology and understand the cloud, due to lack of knowledge about the security and costs associated. Both end users and partners should research cloud services before taking the leap, to ensure it is beneficial, cost-effective, and from a reputable company.”


20. Jason Mical, Cybersecurity Evangelist at Devo Technology

“Artificial intelligence and machine learning will have the biggest impact on the cyber security industry – and it is already a requirement for businesses – due to the fact that human beings can simply not keep up with digital workflows. Today, enterprises are experimenting with AI and ML technologies in siloed approaches to cyber defense. The key to the success of their adoption lies in universal data access. By processing real-time data streams in conjunction with historical data sets across the entire organization, AI and ML will drive, true proactive and predictive actions to protect the enterprise from cyber threats.”


21. Victor Congionti, Co-Founder and CEO of Proven Data

Victor Congionti“I firmly believe the biggest impact on the cyber security industry will not be advancement in a particular technology, however a shift in our attitude and culture around keeping data secure. Cyber security is in a position where we need more awareness and resources for businesses and consumers to understand their vulnerabilities and how to improve. Because cyber threats and digital crime is always evolving and expanding, having a dynamic culture and attitude towards the newest trends will indeed have a lasting impact, and our industry desperately needs to adopt this attitude!”


22. Shlomi Gian, Chief Executive Officer, CybeReady

Shlomi Gian“The continuous focus on effective employee education will pay off in the cyber security industry. As indicated by the number of successful phishing attacks and the increasing financial demands, existing programs fall short and employees do not change their behavior. Utilizing machine learning and data science to develop personal training programs that are integrated in employees daily routine could make a major impact, and turn each employee to an ambassador of cybersecurity safety.”


23. Austin Norby, Director of Cyber Initiatives, Blue Star Software

Austin Norby“As of now, the future of cybersecurity will remain the same as it has been until more fundamental steps are taken to solve the same problems that we’ve had in the past. There are still basic cybersecurity mishaps that need to be accounted for including password policies, unpatched vulnerabilities, and ultimately the business cost to implement cybersecurity. The company or product that will succeed will be the company or product that is able to integrate security into their client’s enterprise with minimal pains, a dedicated response staff, a custom remediation effort for when the client is compromised, and yet have the client convinced of the solution’s absolute necessity.”


24. Gadi Naor, co-founder and CTO of Alcide

“Enterprises building cloud-native applications have embraced DevOps methodologies and technologies such as containers, microservices to achieve the responsiveness and scalability required in today’s white-hot software market. By integrating automation earlier in the development process, developers can eliminate security problems before they necessitate costly slowdowns in production and rewrites of code. By applying security at the container and microservices level early in development, enterprises can bake security into their web applications in a way that is practical, which will scale and grow with the application, and which will not slow down the application or developers.”


25. Sam Stelfox, Security Engineer at Minim

Sam Stelfox“The rise of encrypted web and new protocols that don’t have an unencrypted variant (such as the new HTTP/3 standard which will soon be serving your websites) will have a big impact on cyber security. A specific example on how this will affect our daily lives is the death of the captive portal. If  you’ve used public WiFi in coffee shops, airports, libraries, restaurants, or hotels, you’ll be familiar with getting stopped by a webpage asking you to agree to terms and conditions, log in, and/or pay before you’re granted internet access. These are called captive portals, and they actually abuse an old network security weakness by effectively pretending to be a server to which you’re connecting. The encrypted web is going to abolish this impersonation vulnerability, so we can say farewell to captive portals.”


26. Morey Haber, CTO, CISO at BeyondTrust

Morey Haber“Endpoint security will have the biggest impact on the cyber security industry in 2019. While organizations continue to focus on machine learning, artificial intelligence, and centralized analytics, the bulk of exploitation is still occurring on the endpoint. The industry is seeing a resilience in endpoint protection technology to protect mobile devices, laptops, and Internet exposed devices from phishing attacks, vulnerabilities, malware, and file less based attacks that make up the bulk of breaches continuing this year. This goes far beyond traditional antivirus and includes technologies that can protect against known vulnerabilities, application control, and reputation based services to determine indicators of compromise.”


27. JB Aviat, Co-Founder, CTO of Sqreen

JB Aviat“The technologies that will have the biggest impact for the
cybersecurity industry are the ones that will empower engineering teams to handle part of the security load themselves. This means that technologies that provide actionable and impactful security insights will see the most use. Runtime Application Self-Protection is one such technology. The ability to deliver real-time insights with a lot of useful context will make it much easier for engineering teams to get more deeply involved with security, which will have a huge impact on the industry.”


28. Troy Kent, Threat Researcher at Awake Security

“The biggest impact on cybersecurity will come from a new way of thinking: the community must apply methods and procedures that the more mature field of Computer Science uses. For instance, a specific example of this is the way we create, test and share detection workflows. Today there is very little precision by security vendors in this area and analysts pay the price of alert noise. By learning from some of the principles like functional programming, I believe we can deliver detection hunting workflows that don’t rely on being tested only once they get into the customer environment.”


29. Attila Tomaschek, Cybersecurity Researcher at ProPrivacy

“Successfully leveraging artificial intelligence and machine learning technologies will have a tremendous impact on the future success of the cybersecurity industry. The massive amounts of data being generated and processed by connected devices and the systems that run them will continue to increase at such an astounding pace that the data will be impossible to properly secure without relying on artificial intelligence and machine learning. Robust AI systems need to be put into place to handle the task of recognizing cyber threats, and those systems will need to adapt to ever-evolving threats through machine learning to mitigate those threats.”


30. Satish Abburi, founder of Elysium Analytics

“Shared machine learning models and greater involvement with organizations like MITRE and its approach with ATT&CK vectors. This is an example of the kind of environment where proactive efforts are built with a community of knowledge leaders in the industry. This, and examples like this, will continue to shape and grow and incorporate more advanced approaches, methods, and models.”


31. Marcus Chung, CEO of BoldCloud

“Innovations in data protection are absolutely the most impactful. Technologies like ‘mirror shielding’ offer a way for businesses to restore their data to a known good state, so regardless of the attack they may have faced (ransomware, crypto mining, targeted threats, viruses, etc.), it is possible to reset their computers and data as if the attack never happened. This is because cybercriminals attack a mirror image of data, not the actual files are not even touched. This is proactive and empowering technology vs. reactive (data recovery, restored backups, insurance) so businesses can stay fully operational/competitive in the most treacherous cybersecurity landscape to date.”


32. Dan Hubbard, Chief Product Officer at Lacework

Dan Hubbard“Machine learning. Most security solutions rely on monitoring configurations, but what’s needed is a continuous understanding of behavioral anomalies in an environment, and only an approach that uses machine learning can provide that.”


33. Maik Catrinque, Site Reliability Engineer specialist for The All-in-One Data Warehouse, provided by SlicingDice

“In my opinion, Cloud Technology will have the biggest impact on the cybersecurity industry because as the cloud computing model decreases operating costs and increase accessibility, more stages of security verification are overlooked by more users, which means threats can be detected and fixed instantly, contrary to on-premise systems.”

This story was initially published on DisruptorDaily.com.

Copyright © 2019 Elysium Analytics. All rights reserved.