Looking Forward – Cybersecurity Landscape

[SPONSORED ARTICLE]

Cybersecurity is a relatively new discipline in the realm of computing. Once computing became more democratized, the more risk and potential for cyber adversaries.

Dealing with cyber risk and adversaries is now part of a normal business plan. Security is a business enabler and builder of trust.

Move to the Edge

Edge is a word we have heard for quite some time, but in general conversation lacks a consistent definition.

When thinking about edge, consider these characteristics as a starting point:

Edge use cases are largely driven by the world of the internet of things (IoT) that collect and transmit data to derive an outcome. Expect to see an accelerated full-scale rollout of edge use cases in areas such as:

These use cases require connected systems from the network layer through to application monitoring/management and require each component to be secure in order to derive the desired outcome.

Expect to see the erosion of decades-old siloes such as networking, IT, app development, and security begin to fade away and enable more cross-functional work and roles so edge use cases can be implemented.

Data Lifecycle

Edge computing is all about data – collecting, using, and enriching.

From a security perspective, expect to see solutions that focus on the data lifecycle to help organizations make sure that data governance policies are automated and enforced.

As more edge applications are deployed, the sheer amount of data will multiply at a rapid scale. Data, at the heart of the edge app, needs to be protected, intact/trusted, and usable

Application Security

Security is central to a successful business, and in a software-defined world, applications are the connecting point.

Application security is seemingly the last frontier of an ecosystem built with security in mind. Moving to an edge compute paradigm, graphical user interface-based apps give way to headless or non-GUI applets and application programming interfaces (APIs).

APIs are about computer program to computer program communication. It is critical that the software development lifecycle embrace security as a non-functional requirement. This may require developers to re-assess software engineering practices and work in more systematic ways.

Expect application security to be a priority as organizations move to the edge.

Threat Intelligence

Threat intelligence, the gathering of information about attacks on an organization from a variety of sources, will continue to be an essential component of security.

With edge computing and the expansion of IoT devices, threat intelligence will relay more granular and refined information about the attack surface. Threat intelligence will continue to be delivered as tactical, strategic, and operational. As more machine learning enrichment is available, consumers of threat intelligence will demand more pertinent and personalized reporting.

Expect the need for more relevant and curated threat intelligence feeds.

Biometric Security

Using biometrics to authenticate identity is nothing new, we have been doing this with fingerprints for over 50 years and more recently with facial recognition. In fact, multi-factor authentication is frequently framed as something you know – a passcode, something you have – a device, and something you are – a biometric indicator.

We are now seeing celebrities selling their images or digital twins. This means that your favorite actor will continue to be in new movies, at varying ages, indefinitely.

What does this mean for security? Increasingly, we are being asked to authenticate via some sort of biometric. Advancements in digital twins and deepfakes mean there is a need to secure our own physical identities. The abundance of images available of any individual can yield a treasure trove for an adversary seeking to hack an identity.

Expect to see more serious discussions regarding digital twins and how to make biometrics more secure.

Cyber/Physical

Cybersecurity professionals have secured our cyber world. Increasingly, connected computers are entering a space that was reserved for physical only devices – think internet connected medical devices, construction devices, and transportation. These previously physical-only devices connected to the internet means convergence.

Making sure that these new styles of endpoints are protected from cyber-attacks as well as physical attacks are key.

Expect to see more solutions focused on protecting the cyber and the physical as well as new roles emerge to focus on this element of security.

Looking Forward

Out of necessity, digital transformation initiatives flourished over the past two years. And, more recently, digital transformation yielded way to operationalizing what was transformed.

Expect to see the next logical move in building a digital-first experience with security at the core.

Visit us at www.cybersecurity.att.com for more information on how we can help on your journey to cybersecurity resiliency.

Theresa Lanowitz is the Head of Cybersecurity Evangelism at AT&T Cybersecurity. Theresa is a proven global influencer and speaks on trends and emerging technology poised to help today’s enterprise organizations flourish. She is currently the head of cybersecurity evangelism at AT&T Cybersecurity.

Prior to joining AT&T, Theresa was an industry analyst with boutique analyst firm voke and Gartner. While at Gartner, Theresa spearheaded the application quality ecosystem, championed application security technology, and created the successful Application Development conference. She holds a Bachelor of Science in Computer Science from the University of Pittsburgh, Pittsburgh, PA.