​The Next Five Years of Security Threats… or not

This article was going to be a report on a session from the recent Technology in Government conference held in Canberra. The title of the session promised a great deal – “The Next Five Years of Security Threats”. And the synopsis suggested we’d hear about what opportunities will disruptive technologies provide hackers, best practice to mitigate emerging threats and whether governments can share data securely?

However, the session highlighted something that’s been patently clear to anyone trying to impartially cover what’s been happening in the security business.

When the rubber hits the road, many security vendors and other so-called experts fall back to the familiar methods that we’ve employed for almost two decades that no longer work.

The three panelists were Nathan Steiner, Head of Systems Engineering ANZ for Veeam Software, Rob Sherwood, Chief Technology Officer at Big Switch Networks, and Rupert Taylor-Price, Chief Executive Officer of Vault Systems.

Each panelist was given a few minutes to address the audience of about 50 during the event’s Secure Government stream.

Taylor-Price opened the discussion noting “If you have good hygiene around your organisation or your agency, it is very hard for attackers who will then choose easier targets”.

He added that an adversary with lots of money could compromise you regardless of your defences.

Importantly, Taylor-Price mentioned that internal threats must be considered whether they come from intentional actions or through accidental security breaches.

But after his five minutes or so, Taylor-Price didn’t address the topic of the next five years of threats other than to say it’s very hard to detect threats.

Still, there were two more speakers and I remained hopeful of hearing something new.

Sherwood received the microphone from Taylor-Price and opened with “The biggest barrier to security is network complexity. You can have all the data you want but if you don’t understand what your systems are doing then it’s very hard to make sense of that data”.

He then went on to tell the room about what his company does to overcome that problem. But nothing about the next five years of threats.

The third speaker, Steiner from Veeam Software, told the room his company attacked the problem from a data management and data protection perspective. The good news that he mentioned looking at how this could be used over the next five years. But he then fell back to a similar line to Sherwood, talking about knowing how systems work and how they use data.

It would be easy to pick on the three speakers and the moderator of the discussion, the CEO of Internet Australia Laurie Patton. But having attended dozens of security event and speaking to many experts over the last few years, it’s clear to me the security industry is locked into a reactionary mindset.

We see a threat and issue a remedy for it.

A couple of weeks ago, researchers released tools for circumventing the effects of ransomware attacks. Don’t get me wrong – this is a good thing.

But where’s the research that actually stops ransomware from working? Or stops it from even getting to the computer?

During the 2014 RSA Conference in San Francisco, the idea of threat intelligence – putting together data feeds so we can predict or stifle cyberattacks before they cause damage received a lot of attention.

But a look at how it’s being applied today sees the effort mainly focussed on detecting attacks after they have occurred in order to mitigate damage. The SEIM industry, as important as it is, is predicated on something anomalous already being inside the network.

We are still no closer to stopping attacks from reaching the permiter, much less preventing breaches. We need to move from the “You’re hacked – get over it” mindset into a long-term posture.

This session was meant to address “The Next Five Years of Security Threats”. It didn’t. Even when I asked the panel for some pointers to what was coming in the future, they were unable to effectively answer.

It would be easy to point the finger at the three panellists and the moderator. But their inability to see beyond today’s problems and challenges is endemic to the security industry. The ability to see beyond the now is something that the industry is sorely lacking at the moment.

Join the CSO newsletter!

Error: Please check your email address.

Tags Outware MobileSnapSendSolve@techingovauTechnology In GovernmentSeeClickFixcyber security#techingovauAnthony CaruanaTech in GovAnthony Caruanacanberraopen dataopen governmentgovernmentTechinGovAUCSO Australia

More about Big Switch NetworksPattonRSASherwoodTechnologyVeeamVeeam Software

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Anthony Caruana

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts