Partner Perspectives  Connecting marketers to our tech communities.
5/29/2018
09:00 AM
Shehzad Merchant
Shehzad Merchant
Partner Perspectives
Connect Directly
LinkedIn
RSS
50%
50%

An Industry In Transition: Key Tech Trends In 2018

By Shehzad Merchant, Chief Technology Officer, Gigamon

It’s the time of the year where everyone makes predictions for the following year. But rather than focus on predictions, I’d like to zero in on long-term trends that will have a broad, far-reaching impact. So without further ado, here are three of them:

1. The Pendulum Of Cybersecurity Will Shift From Confidentiality To Integrity And Availability

The risk rhetoric around cyber breaches will shift from one aimed at confidentiality to one increasingly focused on integrity and availability. Typically, when we talk about breaches, more often than not we're talking about compromised company data or customer information. Many of the recent large breaches in the news reflect this. Cyberattacks that seek to compromise confidential or personal information are fundamentally attacks on the confidentiality of information. However, as we look toward the world of connected devices, breaches in that world will affect the functioning of those devices.

In other words, cyber breaches in the world of connected things or the internet of things (IoT) will impact either the availability of devices or the integrity or functioning of those devices. And this is a much more serious threat than what we are used to today. Cyber breaches that affect the integrity or availability of devices can be life-threatening, and consequently, the risk, cost and threat levels associated with such breaches will far outweigh anything that we are seeing today. An example that comes to mind is medical equipment vital to a patient’s survival such as a respirator or insulin pump. While we as an industry are perhaps reaching the point of breach fatigue, I think the bigger set of issues lie ahead of us. 

2. Rise Of Machine Learning

The use of machine learning (ML) will increasingly proliferate across all aspects of cybersecurity. With recent advances in technology, the use of ML is no longer something mystical, futuristic or confined to the academics. Rather, ML is fast becoming mainstream, with open-source and commercial offerings targeted toward cyber defense. Massive compute and storage capacity at affordable prices and infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS) offerings are making ML-based solutions easier and more affordable to deploy.

More significantly, however, is that the algorithms around ML, both focused around supervised and unsupervised ML and the toolkits around them, are rapidly advancing in capability and maturity, particularly in the finance sector. Even the ability to throw massively parallel graphics processing unit (GPU) systems toward ML-based computation is now becoming mainstream with the availability of user-friendly toolkits, APIs and third-party integrations. With these advances, threat intelligence researchers, technology companies, academic institutions and infosec teams will all increasingly attempt to apply ML-based solutions as a way to fingerprint bad actor activity, build more accurate baselines into normal behavior and surface anomalies against that. Key to the success of this is access to relevant and targeted training data that is used for supervised and unsupervised ML. Here, too, the content-rich network traffic data and metadata, which hitherto were harder to come by, are now becoming easily available. This is one promising and long-term trend that can significantly advance cyber defense.

3. Blockchain To The Forefront

Any talk about long-term trends would be remiss without a discussion on blockchain. I am referring to the underlying technology behind Bitcoin -- not the cryptocurrency itself. The distributed ledger mechanism of blockchain is very amenable to solving many of the broader problems we face today. While smart contracts seem to be the buzz today around blockchain, the real power lies in harnessing it for fundamental and discontinuous shifts in how we think about trust and the role of centralized trusted authorities. These include governments, banks, clearinghouses, credit verification agencies, etc. Our long-standing reliance on central authorities has created both monopolies and choke points that cybercriminals have been able to target with massive impact.

For example, take the case of the Equifax breach that revealed a record number of user identities. Rather than having a handful of central authorities that control the data of hundreds of millions of users, we should consider models with each user’s credit history protected as part of a blockchain with access rights controlled by the user as needed, such as for credit verification. Leveraging blockchain in this way would fundamentally change how we think about credit reporting, privacy and the ability to access that information for credit history verification.

There are other challenges that will arise, of course, and blockchain itself will need to evolve. However, the overarching point is blockchain has the potential to create discontinuities that can change and reshape the very notion of the role of centralized authorities, governments and banks and their involvement in terms of how we conduct business in our day-to-day lives. There is still a long way to go with it, but it's certainly a very interesting trend to keep an eye on.

From a swing of the cybersecurity pendulum to the increasing ubiquity of machine learning and more, 2018 is likely to be one for the books. How do you foresee the cyber landscape changing in the coming year?

As previously seen on Forbes in An Industry In Transition: Key Tech Trends In 2018.

Shehzad Merchant serves as Chief Technology Officer of Gigamon bringing over 20 years of experience in the high-tech industry. Prior to joining Gigamon, Shehzad served as the CTO at Extreme Networks, and is the author of several networking and communications patents. He is a ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
rubelmollah
100%
0%
rubelmollah,
User Rank: Apprentice
7/29/2018 | 11:00:28 AM
nice post
Thanks For Sharing Such beautiful information with us. i hope you will share some more information about this post. please keep sharing! 
Microsoft President: Governments Must Cooperate on Cybersecurity
Kelly Sheridan, Staff Editor, Dark Reading,  11/8/2018
5 Reasons Why Threat Intelligence Doesn't Work
Jonathan Zhang, CEO/Founder of WhoisXML API and TIP,  11/7/2018
Why Password Management and Security Strategies Fall Short
Steve Zurier, Freelance Writer,  11/7/2018
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
gigamon: Partner Perspectives
Gigamon is the company driving the convergence of networking and security. We help make more threats visible, deploy resources more efficiently and maximize performance of your network and security tools.
Featured Writers
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-6260
PUBLISHED: 2018-11-13
NVIDIA graphics driver contains a vulnerability that may allow access to application data processed on the GPU through a side channel exposed by the GPU performance counters. Local user access is required. This is not a network or remote attack vector.
CVE-2018-16850
PUBLISHED: 2018-11-13
postgresql before versions 11.1, 10.6 is vulnerable to a to SQL injection in pg_upgrade and pg_dump via CREATE TRIGGER ... REFERENCING. Using a purpose-crafted trigger definition, an attacker can cause arbitrary SQL statements to run, with superuser privileges.
CVE-2018-17187
PUBLISHED: 2018-11-13
The Apache Qpid Proton-J transport includes an optional wrapper layer to perform TLS, enabled by use of the 'transport.ssl(...)' methods. Unless a verification mode was explicitly configured, client and server modes previously defaulted as documented to not verifying a peer certificate, with options...
CVE-2018-1792
PUBLISHED: 2018-11-13
IBM WebSphere MQ 8.0.0.0 through 8.0.0.10, 9.0.0.0 through 9.0.0.5, 9.0.1 through 9.0.5, and 9.1.0.0 could allow a local user to inject code that could be executed with root privileges. IBM X-Force ID: 148947.
CVE-2018-1808
PUBLISHED: 2018-11-13
IBM WebSphere Commerce 9.0.0.0 through 9.0.0.6 could allow some server-side code injection due to inadequate input control. IBM X-Force ID: 149828.