This includes two major capabilities: device fingerprinting, which identifies what a device is from a network perspective, and analysis of network traffic patterns to determine what a device is doing. Effective next-gen endpoint prevention is not just signature-based; it can also investigate and detect real-time threats occurring on your network.
Piracy of content continues to plague content distribution ecosystems. This is a common problem for music, book, and video media, costing the industry billions. Material counterfeiting continues to rise as well. While law enforcement efforts strive to address the challenge, the core issues are technical and social. Who created what, who owns what, who can use what? On the technical front, content and material fingerprinting technologies are trying to provide a root of trust for provenance, proving definitively the original creator or manufacturer of cyber or physical media. Tangible and digital assets are being counterfeited and efforts continue to address that. Distributed ledgers can be used to verify fingerprints or signatures of new items in a publicly distributed blockchain – to combat fake news.
Cyber security engineers will design new techniques to protect data and networks inspired by biological approaches like neural networks, genetic algorithms, and forensic virtual machines. Forensic virtual machines detect signature elements of a novel threat before an attack commences. Just as immune systems create multiple triggers that send white blood cells to target viral and other kinds of attacks, future computer systems will be able to deploy thousands of small applications at once to monitor and defuse evolving attacks. Bio-inspired security techniques promise to identify and respond to “zero day” threats swiftly and cost effectively. Conversely, security threats may begin to mimic biological systems as well, thus creating “digital security epidemics”.
Continued ransomware attacks are expected, especially against high-value targets like government entities, banks, and health care facilities. Normalizing and automating secure software updates is a common mitigation tactic in use today to limit the impact.
Think device-oriented behavioral profiles. MUD is a Cisco IETF standard that defines how a device is expected to behave within a network. The goal of MUD is to provide a means for IoThings to signal to the network what sort of access and network functionality they require to function properly. Immutable device identifiers are a big initiative for CL, along with pushing PKI-backed certificates into IoT devices. Between identity and behavioral profiles of what a device should be doing, spoofing a device will become much more difficult.
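The following added example (not from the original page or from any MUD implementation) parses a constructed profile laid out like an RFC 8520 MUD file and lists the observed flows that the device never declared. The thermostat, hostnames, ACL names and flow tuples are assumptions, and flows are matched by destination name rather than by resolved address.

```python
import json

# Constructed MUD-style profile for a hypothetical thermostat. Layout follows the
# RFC 8520 JSON shape but is trimmed; every name and hostname here is made up.
MUD_JSON = """
{"ietf-mud:mud": {
   "mud-url": "https://mud.example.com/thermostat-v1.json",
   "from-device-policy": {"access-lists": {"access-list": [{"name": "from-dev"}]}}},
 "ietf-access-control-list:acls": {"acl": [{
   "name": "from-dev",
   "aces": {"ace": [
     {"name": "cloud-api",
      "matches": {"ipv4": {"ietf-acldns:dst-dnsname": "api.example.com", "protocol": 6},
                  "tcp": {"destination-port": {"operator": "eq", "port": 443}}},
      "actions": {"forwarding": "accept"}},
     {"name": "time-sync",
      "matches": {"ipv4": {"ietf-acldns:dst-dnsname": "ntp.example.com", "protocol": 17},
                  "udp": {"destination-port": {"operator": "eq", "port": 123}}},
      "actions": {"forwarding": "accept"}}]}}]}}
"""
PROFILE = json.loads(MUD_JSON)

def allowed_flows(mud):
    """Return the set of (dst_name, ip_protocol, dst_port) the device may initiate."""
    wanted = {a["name"] for a in
              mud["ietf-mud:mud"]["from-device-policy"]["access-lists"]["access-list"]}
    allowed = set()
    for acl in (a for a in mud["ietf-access-control-list:acls"]["acl"] if a["name"] in wanted):
        for ace in acl["aces"]["ace"]:
            m = ace["matches"]
            port = (m.get("tcp") or m.get("udp"))["destination-port"]
            # Only accept rules with an exact ("eq") port are modelled here.
            if ace["actions"]["forwarding"] == "accept" and port["operator"] == "eq":
                allowed.add((m["ipv4"]["ietf-acldns:dst-dnsname"], m["ipv4"]["protocol"], port["port"]))
    return allowed

def violations(mud, observed):
    """Flows the device made that its profile does not declare (default deny)."""
    allowed = allowed_flows(mud)
    return [flow for flow in observed if flow not in allowed]

# Constructed observations: (destination name, IP protocol number, destination port).
OBSERVED = [("api.example.com", 6, 443), ("ntp.example.com", 17, 123),
            ("api.example.com", 6, 23), ("files.example.net", 6, 443)]

if __name__ == "__main__":
    for flow in violations(PROFILE, OBSERVED):
        print("outside declared profile:", flow)
```

Anything the profile does not list is treated as a violation, which is what makes a spoofed or compromised device stand out: it has to stay inside the declared behavior to go unnoticed.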
Traditional data centers have all the security technology at the core, so traffic moving in a North-South direction passes through the security tools, which protects the business. The rise of East-West traffic means the traffic bypasses firewalls, intrusion prevention systems, and other security systems, enabling malware to spread very quickly. Agile security architectures make it possible to deploy firewalls, intrusion detection, and other security controls in virtual environments and in flexible configurations, using security extensions to SDN and NFV to change configurations and topologies programmatically in response to security threats. Micro-segmentation and zones are an example of agile architectures. Micro-segmentation is a method of creating secure zones in a data center where resources can be isolated from one another; if a breach happens, the damage is minimized. Micro-segmentation is typically done in software.
Embedded security provides improved protection of cryptographic secrets, accelerates encryption and malware identification, and provides for cost efficient security monitoring. Secure software downloads allow firmware to be safely updated and hardware dynamically managed. The synergy of these features allows pervasive deployment of security capabilities across networks, including encryption, identity management, device and message integrity, and authentication. This enables end-to-end security solutions that significantly simplify operations and improve end user experiences.
This refers to the ability to use hardware acceleration to improve the performance of cryptographic operations, which are especially computationally intensive. These crypto hardware accelerators are more efficient than GPU-based solutions. There are a growing number of application-specific chips on the market, called Secure Elements, that serve as secure key storage and crypto-accelerators for small micro-controllers. With these chips, you not only get high security for device keys, but the cryptographic functions (cipher suites) are hard-coded into the chip and can be accessed through an API. These chips can do a crypto operation in milliseconds and make implementation much simpler. In addition to the secure storage for the keys, the secure element provides hardware acceleration for cryptographic operations that would normally be impractical for the small micro-controllers used in small IoT devices. This allows digital certificate authentication to be used to secure even very small devices.
Self-sovereign identities are owned by the individuals who create them. As the owner and creator of your own private information, you should have control over its lifecycle, including termination, erasure, and visibility into when, where, and how it is to be used. The European Union has broadly adopted GDPR, and California just passed one of the toughest data privacy laws, the California Consumer Privacy Act of 2018, which goes into effect in 2020.
Evolvable Programmable Security refers to the ability to employ new security cryptography in an agile way. With programmable hardware, it will be possible to change key lengths on the fly without requiring new hardware. Security mechanisms can adapt to new threats without replacing infrastructure.
By combining the decentralized Blockchain principle with identity verification, a digital ID can be created to act as a digital watermark which can be assigned to every online transaction of any asset. Blockchain technology can be applied to a variety of identity applications (digital identities, passports, e-residency, birth certificates, wedding certificates, IDs, online account logins, etc.). IBM is one company creating a decentralized approach (Blockchain Trusted Identity) to identity management – enabled by Blockchain – building on top of open standards in combination with Decentralized Identity Foundation (DIF), World Wide Web Consortium (W3C) and other standards groups.
Just as AI can be used for cyber-defense, it can be weaponized for offensive purposes. AI and machine learning will help to identify real-time threats but will also enable hackers to carry out more sophisticated attacks; it's the Electronic Counter Measures and Electronic Counter/Counter Measures (ECM/ECCM) cycle.
Advancements in the development of micro sensors are fast enabling a new generation of medical devices as well as some interesting applications by independent body hobbyists (e.g., DIY bio-hackers). Implantables like pacemakers and digital insulin monitors are the most compelling examples of this type of technology improving the quality of life. As these technologies become more connected, there is growing concern that they could be “hacked”. Bionyfiken co-founder Hannes Sjoblad had an NFC chip implanted in the skin of his hand so that he would not need to carry a wallet, keys or security card for the office. Websites like Dangerous Things are starting to crop up to offer other DIY bio-hacking and augmentation projects.
Quantum computers are expected to be able to exponentially speed up the factoring of keys. That would pretty much destroy RSA, and the situation is similar with all of the other public-key systems currently in common use. Post-quantum cryptography, also known as “quantum-resistant cryptography”, refers to cryptographic systems that are secure against both classical and quantum computers. Lattice-based cryptography, led by IBM, is another variant of quantum-resistant cryptography. NIST recently closed its call for proposal submissions for its new initiative on creating quantum-resistant cryptographic algorithms for new public-key crypto standards (Nov 2017). It received 69 submissions.
No two people act exactly alike, and continuously evolving behavioral profiles could be the answer to the fragmented world of password and 2-factor based authentication schemes and ever-rising identity fraud. Behavioral biometrics are not new. Advances in techniques that use big data and machine learning to uniquely identify people based on hundreds or thousands of unique behavioral traits, including observed human traits and personal characteristics (beyond speech, geo-location and device-based indicators), will become commonplace as the mechanism for creating unique profiles that can be used to authenticate users in the future.