The summer months in the UK has been recorded as the longest and one of the warmest and this has resulted in people getting to spend lots of time with family and friends. After the frenzy leading up to May 25th and the implementation of the GDPR programme, for those working in security it will have come as a relief. Surprisingly the volume of high profile breaches post implementation has been low. Is this a testament to the new regulations and the work put in or is it a calm before autumn rushes in a raft of announcements.
Computing Magazine published an article with quotes from one city law firm, FreshField, which stated that they had seen a year on year ten fold increase in security breach cases since the implementation of GDPR. If this is the case then there is a noticeable quietness on the communication front or a mastery in PR. The article highlighted that last year the law firm was handling three cases a month, but is now approached for advice on a daily basis.
In this issue we have a diverse range of articles from blockchain security to a look at quantum computing and how that like blockchain can add extra security but the article on social engineering reminds us that the human always remains the weaker link.
As we move into Autumn we gear up for buying more gadgets and Black Friday from a retail perspective offers everyone an excellent chance to stock up at a lower cost on connected devices. The growth of the internet of things market is accelerating. Cars are already smart and becoming smarter. There is a big push to build smarter cities. Without realizing it many of us are building smart homes and there is an excellent article within on the risks this brings and why insurance companies are struggling to quantify how to insure smart homes.
The smart home will bring many challenges for those of us who are not intimately technical and familiar with security and that will likely bring rise to new industries forming. Already some companies are ahead of the curve in their investments such as Cisco and perhaps more surprisingly Bosch, which demonstrates the expectation of the commercial opportunity that will rapidly evolve.
Even the Security Operation Centres are becoming smarter and another excellent article from AnCom, equivalent to the UK Ofcom, which is the national authority for management and regulation of communication sets out how the SOC is having to evolve and become smarter along with a different structure for managing this as the roles evolve.
Some traditional SIEM providers are evolving too by making their services more automated, whilst others are buying companies who provide the automated response component that the largely passive, as opposed to reactive SIEM solutions, in the main, offer today.
This part of the market is starting to become of age having recently been recognized by Gartner as a SOAR category, that acronym standing for Security, Orchestration, Automation and Response.
These trends are increasingly pointing toward a future that takes us toward the self-defending network. The objective here is to enable technology to do the majority of the work, automating tasks and taking actions, being overseen by a human operator but essentially the system operating on auto-pilot. There are many benefits to achieving such a goal as it would enable the human risk element to be significantly decreased. For those with smart automotives or smart homes, the day probably can not come quick enough for such a capability to arrive at a cost effective scale.
The concept of a self defending network is simple: Remove the human element from network security, make every device security-aware and enable those devices to automatically respond and prevent threats. The human body instinctively operates in the same way when finding common colds and viruses, where the auto-immune system forms antibodies to automatically defend itself without the brain having to “think” about it.
However, self-defending networks, and the technology enabling them, remain in their infancy. Whilst some say it will be decades before networks have the capability to self-defend, the reality is it will be much sooner than most of us think.
The key challenge that has to be solved is inter-operability. Especially making many of these immature technologies sufficiently interoperate with a basic level of self-managing artificial intelligence. The good news is that the building blocks for much of this is already here.
Keeping up to speed with the key trends is critical. For readers of this magazine I would like to make three suggestions:
a. When in London aim to time your meeting to attend a cybertalks evening networking event. If you can not get along aim to watch one of their podcasts. Details can be found on one of the adverts within;
b. Come and join us, along with industry thinkers at the United Nations endorsed conference in Porrentruy, Switzerland at the end of Autumn. Details can be found on one of the adverts within;
c. Start preparing for the Industry CyberSecurity awards. There is a great write up on the award ceremony this year and some of the winners. Details on the entry categories can be found on their website.
The goal of this publication remains to open up knowledge and information sharing across research and commercial activities, so providing a bridge between public and private dialogues, in an aim to help our world operate more safely giving the growing frequency of attacks that seem to endlessly get media attention.
If you would like to contribute articles or have suggestions for us to cover in future editions of the magazine, or even wish to purchase hard copy versions of the magazine to give to your customers, please do contact us via email at firstname.lastname@example.org.
On our website http://www.cybersecuritytrends.uk you can also view publications in other languages /countries and purchase advertorials for future editions.