Security Predictions and Directions

2018 Security Predictions and Directions THIS PAGE IS BEING UPDATED

Bitcoin and Cryptocurrency fraud on the rise in 2018
Steven Bearak, CEO & Co-Founder - IdentityForce, Inc. - Framingham, MA USA

With a market capitalization today approaching $200 billion, Bitcoin accounts for over half of the market capitalization of all cyber currencies, as reported at www.coinmarketcap.com. However, remember, even cyber currencies aren’t immune to hacking. In fact, it’s well-known that hackers are now taking over one of the key components of personal information – the mobile phone number – to reset passwords. These fraudsters, within seconds, can then change the password within a virtual currency wallet and simply drain the funds. Just like that. This is certainly a key component of fraud for us all to keep a watchful eye on in 2018. 

Brief Biography
In 2006, siblings Steven Bearak and Judy (Bearak) Leary co-founded IdentityForce, Inc. Since then, the two have continued a nearly 40-year family tradition of pioneering the identity theft protection industry. Under Steven’s leadership, the U.S. government awarded IdentityForce elite Tier-One status as an approved provider of identity protection services for data breaches affecting over 21.5 million people. Steven is often sought out by the press as a source for pertinent security topics spanning consumer and business audiences, and he writes regularly for HR and security publications.
Important Issues:
  • The Dark Web will get… Darker! There are over 4 billion indexed pages on the Web, but the growth of the Dark Web will increase as the value of Personally Identifiable Information (PII) keeps increasing (and more breaches are happening).
  • The information on the Dark Web can be used to impersonate legitimate consumers to open bank or credit card accounts, purchase products and services, and much more. And, the most popular form of payment accepted on the Dark Web is Bitcoin.
  • At this point, it’s not a matter of if your personal information is on the Dark Web, but how much of it is there being bought and sold.
Direction for CSOs and Decision Makers:
  1. With the consumerization of IT and the continuous blend of personal and professional lives, CSOs continue to be focused on securing data on any and every device accessed by their employees.
  2. The InfoSec teams are responsible for the security processes and protocols within the four walls of the organization. However, encouraging them to work alongside Human Resources teams is hugely beneficial to help those same best practices carry over outside.
  3. By having IT and HR team up, regular training and ongoing education can be one of the best defenses to protecting sensitive company and employee data, especially within organizations that have a mix of Millennials, Baby Boomers, and Gen Xers.
For 40 years, IdentityForce, Inc. has provided best-in-class, highly scalable, award-winning identity theft, privacy and credit protection solutions to consumers, businesses, and government agencies. With IdentityForce, members benefit from the most robust and award-winning identity protection, going as deep as Dark Web monitoring to keep personal information safe. A pioneer of identity protection, IdentityForce’s innovation and customer-centric approach has made the company a trusted partner for both organizations and individuals. IdentityForce also provides custom-tailored programs to organizations enabling them to build closer relationships and additional revenue streams. Learn more at www.identityforce.com.

AI and machine learning takes on more importance
Timothy Liu, CTO, Co-founder of Hillstone Networks - Hillstone Networks - Santa Clara, CA USA

Systems utilizing security analytics have been gaining acceptance for the past few years. These systems hold the promise to discover complex patterns inside large amounts of data, not possible with human eyes. Security analytics have found their way into existing products such as endpoint security and SIEM, as well as creating product categories such as UBA/NBA (User Behavior Analysis/Network Behavior Analysis). With the advancement of AI and machine learning technology, the capability of these systems can be greatly improved. We will find more security products and service offerings using machine learning, and more security budget allocated for them.

Brief Biography
Timothy Liu is founder and CTO of Hillstone Networks, where he oversees the technical roadmap and product strategy. Before founding Hillstone, Timothy was at NetScreen and Juniper, where he developed for the ScreenOS VPN and kernel, and later managed the ScreenOS VPN team. Previously, Timothy held various engineering positions at Intel and Silvan Networks. Timothy Liu holds a Ph.D. in Physics from the University of Texas at Austin, and a Bachelor of Science from the University of Science and Technology of China.
Important Issues:
  • AI and machine learning.
  • Ransomware.
  • Cloud Security.
Direction for CSOs and Decision Makers:
  1. More security budget allocated for security products and service offerings using machine learning.
  2. The increase in security incidents shows that the cloud will be the new battleground in the defense against cyber-attacks.

Upsurge in software security as CISOs mandate application security testing
Anita D'Amico, CEO - Code Dx - Northport, NY USA

Vulnerabilities in an organization’s software applications are among the primary vectors used by attackers to breach a system. The Equifax breach was just one of many attacks traced back to the exploitation of a software vulnerability. During just the third quarter of 2017, there were more than 230 million web application attacks on U.S. websites. Mobile and Internet of Things (IoT) apps also present easy targets. Approximately 30% of mobile apps and 38% of IoT apps contain significant vulnerabilities that can be exploited by attackers.

After decades of investing resources in network security, attention is now shifting to application security (AppSec). CISOs, Boards of Directors, and the U.S. government realize that any sound security program must include AppSec, which extends to security testing of all their enterprise, web, mobile and IoT apps, as well as the third-party software components they use. Insecure software represents a liability that they are now addressing by maturing their own organization’s AppSec programs, and demanding that their suppliers do the same.

In 2018, we will see increased adoption of application security processes, well beyond the post-release penetration testing used by many to date. There will be an upsurge in static security testing used during software development, automated penetration testing, assessment of the vulnerabilities in third-party libraries, as well as AppSec training of developers and security analysts.

Brief Biography
Anita D’Amico, PhD is the CEO of Code Dx, Inc. which provides solutions to analyze and manage vulnerabilities in software. She started her career as an experimental psychologist, and for the past twenty years has applied that background to enhancing the performance of cybersecurity analysts. For the past seven years she has focused primarily on methods for increasing the adoption of security practices during the software development process.
Important Issues:
  • Increasing the speed, ease and automation of application security, so that security testing and remediation can keep pace with the rapid release cycles of web and mobile applications.
  • Raising awareness within the software development community of the need to build security into every stage of the Software Development Lifecycle.
  • How to combine network and application security in a way that each adds value to the other.
Direction for CSOs and Decision Makers:
  1. Invest resources in building security into your software from the start, to avoid more costly post-release patches and breaches.
  2. Do not rely on any single technique or tool for testing the security of the software you offer or use. Few work well alone, but used together they offer good vulnerability coverage.
  3. DevSecOps: Build security into your DevOps pipeline.

The State of Patching: Our Biggest Vulnerability?
Juan Perez-Etchegoyen, CTO - Onapsis - Boston, MA USA

In the age of named vulnerabilities and marketing-driven vulnerability disclosure, security professionals are under pressure to get ahead of the next big threat. But is this approach backfiring? Organizations continue to leave themselves exposed by not regularly and properly applying security patches - which can be more damaging than preparing for the next named vulnerability.

Brief Biography
Juan Pablo leads the Research & Development teams that keep Onapsis on the cutting-edge of the business-critical application security market. His SAP and Oracle cyber-security research has garnered critical acclaim for the Onapsis Research Labs. He is regularly invited to speak and host trainings at global industry conferences including Blackhat, HackInTheBox, Troopers, and SAP TechEd/DCODE. Prior to joining Onapsis, Juan Pablo led many Information Security consultancy projects for companies in Latin America, the U.S. and Europe. His strongest experience is in the field of Penetration Testing, Web Application Testing, Vulnerabilities Research, Information Security Auditing and Standards.
Important Issues:
  • Cryptocurrency miners gaining access through unpatched systems.
  • New ERP application attacks.
  • Migration of Business-Critical Applications to the Cloud.
Direction for CSOs and Decision Makers:
  1. Properly building and prioritizing patch schedules and processes.
  2. Aligning IT application, audit and security teams internally.
  3. Making security an enabler for digital business transformation projects.

Most organizations will continue to struggle with their sensitive data
Jonathan Sander, Chief Technology Officer - STEALTHbits Technologies - Hawthorne, NJ USA

In 2018, organizations will continue to invest in perimeter, network, endpoint, and application security. Most organizations will continue to struggle to focus on their most critical assets, sensitive data. Without a true focus on sensitive data and credentials, specifically Data Access Governance programs, organizations will fail to protect the assets that are prized by adversaries. 

As regulatory compliance standards like EU GDPR and 23 NYCRR 500 mandate organizations to have true Data Access Governance programs in place, we will see a slight focal shift. This shift will be because of the regulatory mandates, but it will not be a significant shift because of the unwillingness of C-Level executives to invest in security. 

Within security organizations, data security teams will need to continue to focus on people, process, and technology. They will need to identify the holes in their organizations, both from a personnel standpoint as well as a processes standpoint, then implement the proper technologies to help with some of those gaps. Ultimately, automation through technology will be key in supplementing the gaps in the people and process problems. 

Brief Biography
Jonathan is responsible for driving technical innovation, ensuring that STEALTHbits is well positioned in their current and emerging markets. Jonathan also plays the role of evangelist at STEALTHbits venues large and small. Prior to STEALTHbits, Jonathan was VP of Product Strategy for Lieberman Software. At Quest Software from 1999 through 2013, he worked with the security and ITSM portfolios and helped launch Quest’s IAM solutions, directing all business development and product strategy efforts. Previously, he was a consultant at Platinum Technology focusing on the security, access control and SSO solutions. Jonathan graduated from Fordham University with a degree in Philosophy.
Important Issues:
  • Cyber Security skills shortage – the hiring gap. With more than 1 million unfilled cybersecurity jobs, being able to train and retain top security talent within organizations is going to continue to be critical.
  • Sensitive Data – being able to discover, classify, and set the appropriate security levels for your sensitive data—and monitoring access and changes in real-time— so that adversaries (insider or external) can't exploit or steal your data & credentials.
  • EU GDPR, 23 NYCRR 500, and other regulatory compliance standards – gearing up for the change in how we protect our data and the massive fines that could be assessed if we do not do so appropriately.
Direction for CSOs and Decision Makers:
  1. Go back to the basics – ensure your foundation is structurally sound by implementing basic security policies and protocols. Then, actually enforce them. Verify critical security configurations in Windows. Monitor the proper usage of privileged accounts.
  2. Focus on what matters most – every attacker is after the same two things: credentials and data. Securing credentials and data is the most logical and most pragmatic way to reduce an attacker’s opportunity to carry out a successful breach.
  3. Make Security Part of Doing Business – take the time to invest in your employees and get them to incorporate security into their everyday mindset. To educate employees, companies must create their own security awareness programs and start with basics.

With digital transformation, access security moves up strategic stack
Scott Gordon, Chief Marketing Officer - Pulse Secure - San Jose, CA USA

The conventional approach to access security is about control and limitations. This is problematic, because when access and collaboration become a challenge, users will find a way around barriers. This goes beyond Shadow IT. Access control gaps and security incidents will only get worse with the proliferation of end user devices, the increase in malware (ransomware), and the growth of IoT devices on corporate networks. At the same time, organizations want to take further advantage of hybrid cloud and mobility – placing greater demands on user experience, availability, and contextual authentication requisites. Organizations will need to be more progressive in architecting how to bridge their users and devices with key applications and information in a multi-cloud environment, and assure appropriate access compliance within and outside their network - often on a global scale. This is about coupling protection with ease of access, flexible consumption, on-demand deployment and resources optimization. This strategically shifts the focus to enablement rather than restriction. As such, the role of integrated on premise and cloud secure access technologies will move up the CTO, CIO and CSO’s security stack.

Brief Biography
Scott Gordon (CISSP) is the chief marketing officer at Pulse Secure. He possesses over 20 years’ experience contributing to security management, network, endpoint and data security, and risk assessment technologies at innovative startups and large organizations. Previously, Scott was CMO at ForeScout (FSCT). He has also held executive and management roles at AccelOps (acq by Fortinet), Protego (acq by Cisco), Axent (acq by Symantec) and McAfee.
Important Issues:
  • Closing hybrid IT access security gaps.
  • Piecemeal IoT defenses.
  • New consumption blind spots.
Direction for CSOs and Decision Makers:
  1. Hybrid IT phased migration.
  2. Policy-based orchestration.
  3. VPN and NAC integration.

Professionals drowning in meaningless alerts demand “less is more” approach
Joseph Polverari, CEO - Versive - San Francisco, CA USA

As we all know, cybersecurity companies are racing to use AI to improve security, but most still fail to stop or even slow down adversaries. Bolting machine learning onto an anomaly detection framework only surfaces more anomalies. Networks are very noisy, and most tools are unable to separate the merely anomalous from the truly suspicious. Sadly, CISOs and security teams have become trained to expect this “cyber theatre” and falsely believe that a solution is more effective because it is sending more alerts.

But as the old adage goes, quantity doesn’t mean quality. In cybersecurity, delivering less to the analyst will ultimately provide them more value. How?

Delivering genuinely valuable results over a barrage of clutter requires a radically different methodology: one that is abstracted away from the detection of specific tools, signatures, and IoCs. All adversaries (from the simplest to the most sophisticated) must engage in core campaign behaviors that are effectively impossible for them to avoid, and these behaviors reveal themselves in internal network data. Focusing on campaign behavior makes it possible to eliminate the vast majority of meaningless alerts you get today, in favor of connected activities that highlight genuine adversary behavior.

The greatest opportunity for defenders to take back the upper hand is an abstraction away from detection of ever-changing tools and the resulting endless stream of alerts, and towards the investigation of the few, readily actionable summaries of unfolding adversary campaigns. New solutions that cut through noise will enable professionals to work smarter. 

Brief Biography
Joe is responsible for driving overall business and operational strategies to accelerate growth. His expertise is in delivering disruptive technologies that solve complex, machine-scale enterprise problems.

Prior to Versive, Joe was Chief Strategy & Development Officer at Yodlee, responsible for global strategy, go to market, business and corporate development activities, and entrepreneurship. Joe has over 20 years of experience in multinational business strategy, including two IPOs.

Joe holds a BS in Economics and Juris Doctorate from Santa Clara University, and a certificate in business management from the Stanford Graduate School of Business.
Important Issues:
  • Netflow capture.
  • Cloud security.
  • Artificial Intelligence / Machine Learning.
Direction for CSOs and Decision Makers:
  1. Embrace netflow capture for internal network visibility.
  2. Focus on understanding holistic adversary campaigns, not alerts.
  3. Apply the same security scrutiny to cloud-based assets as your on-premises assets.

GDPR will have enormous impact on the global security landscape
Ambuj Kumar, CEO and co-founder - Fortanix - Mountain View, CA USA

GDPR is a binding, legislative act where companies can be fined for not being compliant. Any data that can be used to identify a person – directly or indirectly – such as financial data, photos, home addresses, medical information, social media, IP addresses, is all protected under the GDPR. This includes organizations on a global level that collect data and distribute it across multiple data centers and nations. Being GDPR compliant involves a lot more than technology, as companies also need to create a culture of privacy and adopt initiatives for business process change. Sensitive data can be collected from customers only for legitimate business needs. Companies need to understand their exposure and commit to continuous compliance. Efforts need to be driven by business unit leaders, legal teams and IT teams coming together to help ensure this commitment. In addition, they need to be open to embrace the methods that will ensure privacy protection. 

Brief Biography
Prior to founding Fortanix, Ambuj was lead architect at Cryptography Research Inc., where he led and developed many of the company's security technologies that go into millions of devices every year. Previously, he worked for NVIDIA, where he designed the world's most advanced computer chips, including the world's fastest memory controller. He has a Bachelor of Technology from IIT Kanpur and a Master of Science from Stanford University, both in EE.
Important Issues:
  • GDPR
  • BYOK
  • Runtime Encryption
Direction for CSOs and Decision Makers:
  1. GDPR requires a people, process and technology approach with encryption and key management technologies playing a fundamental role for privacy.
  2. Encrypt your data to securely adopt public cloud but use BYOK to remain in control and avoid vendor lock-in.
  3. Establish policies for running highly sensitive workloads in untrusted environments of public cloud and evaluate new technologies that provide Runtime Encryption protection.

Rapid convergence in the application security product market
Jeff Williams, Chief Technology Officer and Co-Founder - Contrast Security - Baltimore, Maryland, USA

The need for application security has never been more critical. As businesses are transformed from real world functions into digital ones, the amount of code being produced continues to skyrocket. We are seeing a rapid increase in the number of libraries and frameworks in use, the number of connections made by applications and APIs and the speed of deployment. All of these factors make applications more difficult to secure. Meanwhile, applications are being used for more and more critical things. To anyone paying attention, it's pretty obvious that we'll see more and more breaches in 2018 and beyond. 

In order to make progress in application security, we must automate. There simply aren't enough experts to do the job manually. In fact, tools designed for experts don't help, as they are difficult to install, burdensome to run and complex to interpret the output. If an expert has to be involved, it's really not automation at all. We need tools that novice developers and operations staff can use effectively. To scale effectively, application security tools have to run continuously across an entire application portfolio in parallel. 

Application security is too important to trust to a patchwork of unintegrated tools. The market in 2018 will be driving towards a unified approach that covers organizations in two ways. Developers are empowered to deliver clean, secure code and operations gains confidence that attacks are identified and blocked in production.

Brief Biography
Jeff brings more than 20 years of security leadership experience as co-founder and Chief Technology Officer of Contrast. Previously, Jeff was co-founder and CEO of Aspect Security, a successful and innovative application security consulting company acquired by Ernst & Young. Jeff is also a founder and major contributor to OWASP, where he served as the Chair of the OWASP Board for 8 years.
Important Issues:
  • Organizations that move to DevSecOps will thrive against their competition.
  • Attacks after a vulnerability disclosure will happen faster than ever.
  • Federal breach legislation will force companies to disclose breaches quickly.
Direction for CSOs and Decision Makers:
  1. Increase the focus on application security within security budgets.
  2. Aggressively embrace cloud and DevSecOps.
  3. Add new approaches, not new employees, to fix the cybersecurity skills gap.

This is the year for Blockchain - no really!
Jason Remillard, Co-founder and Chief Technology Officer - Prevoty - Los Angeles, CA USA

X/Y/Z-Coin aside, 2017 can be considered the epoch for blockchain technologies entering mainstream. With so many use cases to work with (really - just consider what an RDBMS or a public RESTful API is used for today) - the technical challenges of blockchain are well handled. Anyone now can start, host and manage their own blockchain. This will spawn off a whole wave of integration, collaboration and synchronization requirements.

More importantly for Data443 - all of this requires security, encryption, identity, reporting, and other standard IT security use cases - WE WILL BE THERE.  

For example, just this week some great news out of Davos that (for me anyways) has an audacious goal - a blockchain for every identity on the planet (specifically the over 1.5 BILLION - that cannot prove an identity). We are used to audacious goals of the past (Google organizing the world's information, Facebook connecting everyone that wants to, etc.) - we are going to be there in a supportive and key role - it's going to be a busy 2018!

Brief Biography
Jason Remillard, MBA, CISSP is the President of Data443 Risk Mitigation, Inc. (OTCPK: LDSR). He is a founding member of the Blockchain Executive Group and has been involved in various types of financing and trading activities during his career. He is also the former VP of CISO Global Security Architecture and Engineering at Deutsche Bank. He has been in the security business for over 25 years.
Important Issues:
  • Data Security and Protection - in a distribution world.
  • Identity Proof and Governance.
  • Data Privacy - and letting your customers manage it themselves - you have to 'release' it!
Direction for CSOs and Decision Makers:
  1. Don't forget the basics! - defence in depth, testing and validation, etc.
  2. Trust no one! - your third party risk and compliance programs will probably need much more support this year.
  3. Leverage and contribute to your network! We are all in this together - everyone will have great ideas and guidance - use it!

Protecting against exploits in production becomes a cornerstone in cyberdefense
Kunal Anand, Co-founder and Chief Technology Officer - Prevoty - Los Angeles, CA USA

With recent breaches getting more impactful and damaging than ever, organizations need to stay ahead of the threat curve and invest more in defensive measures. Post recent breaches, the importance of protecting applications has reached new heights with the understanding that most breaches occur through exploitation of inherent vulnerabilities in applications. We predict that security budgets will once again increase, due to the fact that despite consistent increases in spending over the last few years, the bad guys remain successful in their endeavors to wreak havoc. The ability to protect against those exploits in production will become a cornerstone in cyberdefense. 

Brief Biography
Kunal Anand is co-founder and CTO of Prevoty, the leading provider of autonomous application security solutions. Previously, he was Director of Technology at the BBC Worldwide, overseeing engineering and operations across the company’s global digital entertainment and gaming initiatives. Anand also has several years of experience leading security, data and engineering at Gravity, MySpace and NASA’s Jet Propulsion Laboratory. His work has been featured in Wired Magazine and Fast Company. He continues to develop the patented security technologies that power Prevoty’s core products. Anand received a Bachelor of Science from Babson College.
Important Issues:
  • Legacy application risk - Many organizations are still deploying legacy apps with known and unknown risk. Resource scarcity negatively impacts SSDLC programs; DevOps simply isn't a viable solution. As an industry, we need to come up with alternatives.
  • Wrapping security around a decentralized world - containers, IoT, and micro-services, are making it incredibly difficult for security teams to architect and implement security controls. We need to collectively create best practices.
  • Noise reduction and better issue identification - There is just too much noise produced by point solutions and the SOC can't scale exponentially. As an industry, we need to create better frameworks/models to filter noise & identify real security events.
Direction for CSOs and Decision Makers:
  1. As computer workloads move to the cloud, CISOs need to re-evaluate their budgets and focus on what's relevant.
  2. Leverage DevOps for better application monitoring. Rather than looking at DevOps as a means to deploy code, I suggest that CISOs should look at trying to capture the pulse of what's already happening in production.

2018 Will Be a Year of Huge, Automated Attacks
Chandra Pandey, Founder and CEO - Seceon - Westford, MA USA

2018 will be a year in which cyber-attacks will target industries hitherto bypassed by the majority of digital criminals. Manufacturing will be hit hard as well as healthcare and financial sectors, particularly as attack vectors increase and attackers figure out how to automate attacks for bigger and better pay offs. Looming regulatory compliance requirements will also present challenges for small and mid-sized businesses.

Would-be invaders know how to leverage or steal huge computing power to go after smaller, less protected businesses giving attackers easier targets with valuable payouts. More attacks will be directed towards small and medium sized banks, hospitals, manufacturers.

Therefore, you will see these companies turning to managed service providers to better protect themselves against today’s maelstrom of rapidly evolving threats. The threat landscape demands automated threat detection and elimination with greater accuracy than humans or traditional perimeter defenses can provide. MSSPs are under pressure to deliver affordable differentiated services to clients, easily deployed at scale, simplifying on-boarding and growth of new clients.

As such, they will continue to evolve traditional offerings with new services specifically aimed at delivering managed detection and response (MDR). According to Gartner, by 2020, 80% of worldwide MSSPs will offer MDR-type services. MDR is a natural service extension, especially when it comes to supporting resource-constrained SMB customers. By enabling MSSP partners to deliver MDR services, vendors like Seceon will play a strategic role in new provider offerings by embedding real-time, automated threat detection and remediation solutions in these services.

Brief Biography
Before founding Seceon, Chandra was General Manager and Vice President of Platform Solutions, BTI Systems. He led the global team launch of the Intelligent Secure Cloud Connect platform to more than 20 deployments in less than 18 months. Chandra has also held senior leadership roles at Juniper Networks, Ciena, Lucent and HP. At Juniper, he led the worldwide Solutions Architecture and Engineering teams, delivering integrated security solutions for enterprise, service provider, managed service organization and major OEM partners. Chandra holds multiple patents in application virtualization, highly scalable data center architecture, scalable multicast distribution and power optimization for high performance computers.
Important Issues:
  • Delivering zero-trust security with machine learning and AI-based automated threat detection and response.
  • GDPR compliance.
  • IoT.
Direction for CSOs and Decision Makers:
  1. Implement solutions that increase visibility across all aspects of your network (applications, users, hosts, services) and enable your security teams to automatically analyze and detect anomalous activity and eliminate it before it inflicts damage.
  2. Increasingly complex networks, platforms and applications demand scalable security solutions that can ingest critical data points for analysis.
  3. Time is not on your side; seek to address prioritized threats - existing and zero-day - in real time.

Spear phishing becomes more dangerous method of cyber attack
Amy Baker, VP of Marketing - Wombat Security Technologies - Pittsburgh, Pennsylvania, USA

While phishing, in general, will remain a prominent cyber threat in 2018, we expect spear phishing to be more frequently used by cybercriminals to narrow in on high-value targets. We studied spear phishing in our 2018 State of the Phish™ Report, and found good and bad news: On average, 13% fewer companies said they experienced this form of attack in 2017 than in 2016. However, many of the organizations that did experience spear phishing in 2017 reported an alarmingly high frequency each quarter. Eight percent of organizations we surveyed experienced 26 or more spear phishing attacks per quarter. An additional 21% of businesses recorded between 6 and 15 attacks per quarter. 

Spear phishing is a type of social engineering attack in which cybercriminals tap into multiple sources of information — like social media postings and voice phishing (vishing) calls — to gather details that personalize their attacks, making them very difficult for users to spot. These techniques are often used in damaging business email compromise (BEC) attacks, which the FBI and others have flagged as pervasive threats. These types of targeted, sophisticated attacks can lead to fraudulent wire transfers or loss of sensitive employee data (like W-2 statements or other tax information), and absolutely rely on end-user participation for success. The ideal strategy against spear phishing emails — given that technology safeguards often miss them — is a proactive, comprehensive training program that helps users identify and avoid the hallmarks of these types of attacks.

Brief Biography
Amy Baker, Vice President at Wombat Security Technologies, has been in the information technology and security industry for more than 25 years and has been specifically focused on infosecurity awareness and training for the last several years. Amy led the development of Wombat’s Best Practices Methodology for Security Education programs and, along with her team, drives the enhancement of Wombat’s security education software. She has presented at Gartner Security and Risk Management summits, ISSA, ISACA, eCrime Congress, SecureWorld, and Security Current.
Important Issues:
  • GDPR compliance.
  • Data integrity.
  • End-user awareness.
Direction for CSOs and Decision Makers:
  1. Take a proactive, continuous approach to cybersecurity awareness training.
  2. Make cybersecurity a top-down, side-to-side initiative within your organization.
  3. Don’t assume technology will save you; invest in the human element of security.
Better personal data protection by the GDPR deadline
Kris Lahiri, Data Protection Officer - Egnyte - Mountain View, CA USA

On May 25, 2018, the General Data Protection Regulation (GDPR) will apply across all 28 Member States of the European Union (EU). This will impact all businesses dealing with personal data and usher in significant changes to currently used processes and tools.

Implementation of the GDPR should prompt companies worldwide to conduct comprehensive assessments of all current processes and procedures used to handle any data, with a close look at procedures for handling personal data.

Focusing on breach management and updating notification processes should help ensure companies pay close attention to this extremely important aspect of cybersecurity. Although the GDPR is directed at protecting the data of EU residents, it will undoubtedly impact businesses worldwide as they look toward implementation. 

This regulation is expected to raise data handling standards across all industries.

Brief Biography
Kris is a co-founder of Egnyte. He is responsible for Egnyte's security and compliance, as well as the core infrastructure, including storage and data center operations. Prior to Egnyte, Kris spent many years in the design and deployment of large-scale infrastructures for Fortune 100 customers of Valdero and KPMG Consulting. Kris has a B.Tech in Engineering from the Indian Institute of Technology, Banaras, and an MS from the University of Cincinnati.
Important Issues:
  • Locating and classifying personal data.
  • Ransomware protection.
  • User behavior analytics.
Direction for CSOs and Decision Makers:
  1. Work closely with line of business leaders to truly understand their workflows. This will help head off shadow IT and foster healthy collaboration across all roles within the company.
  2. Continuously re-evaluate the skills that are available to you both internally and externally. The security landscape changes so rapidly that it’s important for your team to be able to rely on outside help and not be overwhelmed with responsibilities.
  3. Embrace automation and apply the philosophy of Dev-Sec-Ops as relevant to you.
Security companies will adopt new automation technologies in 2018
Jack Miller, Chief Information Security Officer - SlashNext - Pleasanton, CA USA

Over the last few years we have seen significant increases in the number of file-less attacks like social engineering attacks. Current security technologies are often too cumbersome and complex, which requires added staff to identify and block incoming attacks. Consequently, in 2018, more security experts will adopt automated systems that use cognitive computing techniques to immediately identify incoming attacks and produce a fast binary verdict of either “safe” or “malicious.” The training and awareness programs that have been implemented to address these threats have proved ineffective and will be augmented with technical controls that leverage cognitive computing to protect employees when they access the Internet.

Brief Biography
Jack Miller brings more than 25 years’ overall experience and 18 years’ experience as a CISO from a variety of industries to SlashNext. Prior to SlashNext, Jack held an executive-in-residence role at Norwest Venture Partners where he contributed to the SlashNext evaluation and funding decision. Jack served as CISO at American Automobile Association (AAA - Auto Club Enterprises), Orange County and Riverside County and as a Corporate Information Security Officer at Pacific Life Insurance. Jack has authored a cybersecurity patent, security bylines for numerous technology publications and speaks regularly at industry conferences and events.
Important Issues:
  • Plugging the current talent shortfalls.
  • Providing adequate funding for security budgets.
  • Adopting new and innovative technologies.
Direction for CSOs and Decision Makers:
  1. Don’t assume employees can think like hackers; instead, support them with orchestration tools that automate the interaction between various security systems, eliminating the need for manual intervention.
  2. Don’t assume hackers don’t want anything your company has, or that there is no need to worry about security because your company is small or flies under the radar. Assume they want what you have, even if it's just access to your big partners or customers.
  3. Look at security as an evolving investment. Don't assume that the technologies which stopped malware ten years ago will stop the latest types of attacks now.
Continued increase in fileless and memory-based attacks
Satya Gupta, Co-founder and Chief Technology Officer - Virsec - San Jose, CA USA

In the second half of 2017 we saw more than a tenfold increase in major fileless and memory-based attacks, driven by their effectiveness and ongoing damage from the Shadow Brokers leaks. We expect this trend to continue well into 2018, until security vendors find more effective means to block these attacks. 

Brief Biography
Satya Gupta is Virsec’s visionary and has over 25 years of expertise in embedded systems, network security and systems architecture. Prior to Virsec, he was Director of Firmware Engineering at Narad Networks and Managing Director and Chief Engineer at Eastern Telecom and Tech Ltd. Satya holds six patents in complex firmware architecture with products deployed to hundreds of thousands of users. He holds a BS degree in Engineering from the Indian Institute of Technology in Kanpur and additional degrees from the University of Massachusetts at Lowell.
Important Issues:
  • Application security.
  • Memory-based and fileless attacks.
  • Ongoing fallout from Spectre and Meltdown.
Direction for CSOs and Decision Makers:
  1. Change your mindset from chasing threats to stopping real attacks.
  2. Perimeter security is increasingly irrelevant, especially as infrastructure moves to the cloud.
  3. Applications are the new security battleground – secure them first, not last.
Businesses get stronger through cyber resilience, if they prepare
Chris Moyer, Vice President & General Manager, Security - DXC Technology - Tysons, VA USA

Companies know that security threats are an inevitable part of running a business in today’s connected world. In 2018, enterprises will become more resilient by planning, practicing, measuring and continuously refining their response to cyber-attacks, threats and vulnerabilities. Despite the many destabilizers facing enterprises today, businesses will gain strength through frequent cyber resilience drills that stress the end-to-end process.

Brief Biography
Chris leads DXC Technology Security services, the world’s largest independent security services company. He provides end-to-end security services, from strategy to implementation, protecting, detecting and responding to the enterprise risk management needs of leading organizations. With over 4,000 security professionals and 16 global security operations centers, DXC Security powers digital transformations for enterprises with solutions tuned to industry needs.
Important Issues:
  • Cyberwarfare gets hotter.
  • Ransomware gains sophistication.
  • Patching increases, fueling enterprise frustration.
Direction for CSOs and Decision Makers:
  1. Focus on application security, promote DevSecOps development practices and invest in training and data handling; advocate for the practice of building in security at the start of any software development project.
  2. Before deploying security solutions, evaluate information security and make sure it still meets your organization’s needs with the changes in digital use and updates in regulations and legislation.
  3. Scanning the horizon for new threats and countermeasures is critical to protecting the business. Invest in Threat Monitoring and Detection solutions that integrate into your Security Operation Centers.