By Dotan Nahum, Head of Developer-First Security, Check Point Software Technologies
Cybersecurity is Changing: Is the Experience Positive or Negative?
Unfortunately, cybersecurity and cybercrime represent the age-old Hollywood trope famously conjured up in the Batman franchise: bad guys and good guys need one another to survive. Whether cybersecurity has changed is no question – and cybercrime has clearly kept pace. How it’s changed, on the other hand, is an evergreen debate, as we’ll explore in this article.
First, the Good…
Thanks to the ultra-accessible ChatGPT, ‘AI’ is the buzzword defining 2023 so far. AI and ML have created immense innovation in cybersecurity, as algorithms can detect patterns in enormous amounts of data to predict and monitor threats. Moreover, automating repetitive tasks frees up time for cybersecurity staff to focus on fighting other fires. Quantum computing, a masterful AI enhancer, has revolutionized data protection through ultra-secure encryption that classical computers simply cannot solve.
Public awareness of cybersecurity sits at the same magnitude as that of AI. Government regulations and enterprise incentives (like huge fines for data breaches) have turned strategies like password policies and multi-factor authentication from tech-savvy exclusivities to everyday commonalities. In the workplace, scam simulations and phishing training crop up regularly in employees’ schedules, especially for medium to large businesses in industries like tech, education, and healthcare.
With that being said, awareness doesn’t always turn to action. Only 31% of businesses have a formal approach to organization-wide cyber resilience, bringing us to the bad.
Next, the Bad…
AI provides just as many headaches as it does successes. Criminals easily replicate communication patterns to launch realistic and advanced social engineering attacks that are increasingly difficult for security automation tools to detect, highlighting the importance of software patches and an updated tech stack.
For example, 3.4 billion phishing emails are sent every day. With AI, hackers don’t even need to write them. Automated, personalized, and targeted attacks can run at scale, and AI-powered natural language generation creates frightening video and audio scams using deep fakes.
The lack of clarity provided by the government on AI ethics and regulation is both troubling and confusing for businesses and users. While stringent regulations have been rolled out to outline data privacy best practices, AI hasn’t yet received the same treatment. For example, who owns the training data? Where does copyright come into the equation?
The blurred ethical line hasn’t quite been erased in its entirety. Legislation like GDPR in Europe has defined best practices and legal requirements for collecting, managing, and storing personal data. But the law doesn’t offset the increased user surveillance in the name of cybersecurity, and market activity suggests users aren’t totally on security’s side. The global analog consumer electronics market will grow 8.56% between 2022 and 2027, reaching a valuation of $66.5 billion – a coincidence or a sign that the tide is changing in the court of public option?
Finally, the Future…
Cloud computing meets the needs of modern businesses – it’s a lower-cost, flexible, and reliable way for companies to function. Despite inflationary pressures and macroeconomic uncertainties, Gartner expects worldwide spending on public cloud services to reach $600 billion this year. As cloud migration continues, cloud security should be at the top of every business’s to-do list. The risks of unauthorized access, data breaches, and compliance failures are enormous, so best practices like access control and encryption will remain critical long into the future.
Internet of Things (IoT) devices are just one example of technology that benefits from cloud infrastructure. Nowadays, we even want our washing machines and pens to connect to the internet, which is somewhat contradictory to the demand for analog devices. So, what’s going on? Well, it seems that the IoT sector has swept the business world off its feet more so than everyday users.
The 5G ecosystem enables faster and more reliable communication and connectivity between online assets, digital systems, and the 29 billion IoT devices worldwide. Industries like healthcare and manufacturing can hugely benefit from the proliferation of the IoT sector, especially regarding efficiency and automation. Yet, some serious cybersecurity challenges surround IoT devices – many have limited built-in security features and transmit sensitive data across entire networks. Turning to trusted manufacturers and implementing advanced authentication methods will be essential if enterprises want to maximize IoT and 5G use cases.
The cherry on the cake is that, no matter what happens with cybersecurity in the next few years, we don’t have enough people to protect our digital footprints. 88% of enterprises report cybersecurity talent gaps, and demand for application and cloud security skills will grow by 164% and 115% in the next five years. Average salaries will increase (a big win for cybersecurity teams). Still, it will be more difficult for security professionals to get a permanent seat on enterprise boards – and access adequate budget.
It’s Time to Predict the Unpredictable
Whether you’re an ‘I’ll take the usual, please’ type of person or more likely to say ‘Let’s go for it!’, you probably have an option on the power of change. For some, it’s an annoying disruption to their everyday flow. For others, it’s a driver for innovation and technological advancement. Just make sure you put up a ‘safety first’ sign before diving in.
About the Author
Dotan Nahum is the Head of Developer-First Security at Check Point Software Technologies. Dotan was the co-founder and CEO at Spectralops, which was acquired by Check Point Software, and now is the Head of Developer-First Security. Dotan is an experienced hands-on technological guru & code ninja. Major open-source contributor. High expertise with React, Node.js, Go, React Native, distributed systems and infrastructure (Hadoop, Spark, Docker, AWS, etc.) Dotan can be reached online at email@example.com and https://twitter.com/jondot and at our company website https://spectralops.io/