As a cybersecurity company, our employees are always looking ahead to see what’s on the 2019 threat horizon. The great news is that, as we reported regularly on BluVector Threat Report, BluVector continues to use its AI-driven security network knowledge to find new threats without signatures.
Yet, I was curious. So, I decided to ask our leadership about what they’re thinking about in 2019 (you can read Dave Capuano’s comment in Forbes’ 60 Cybersecurity Predictions For 2019). As you can imagine, there’s no simple, single view about what cybersecurity trends or developments will signify the biggest changes in the industry or the challenges that organizations face. Yet, as an AI-driven network security platform company, we know that the powers of machine learning and AI are a growing focal point for companies… and a growing concern as attackers are starting to incorporate these technologies into their attacks (as we talked about in our recent On-Demand Webinar: Weaponizing AI: The Future of Cybersecurity.
“Disinformation and hate speech have outgrown the digital infrastructure’s ability to identify, manage and contain them. As a result, a discussion about the need for a content delivery ecosystem that promotes (and values) ‘truth’ has gone mainstream. This year, the cold reality will hit us that there really is no single truth; truth has become debatable regardless of the evidence, and determining truth is less about representing facts than about picking sides.
In 2019, I predict that it will become clear that the information and analytics systems that are on the bleeding edge of creating and policing truth – particularly AI-based technologies – are themselves part of the ‘bias’ problem. This will lead to the start of a fundamental shift in how we think about truth – not in binary terms – but as points on a spectrum, with underlying information systems and analytics systems under fire for their inability to either measure or enforce the integrity of their underlying data sets and analytics methods.”
Kris Lovejoy, CEO, BluVector
“In 2019, I predict that organizations will finally realize that reactive cybersecurity doesn’t work anymore. Reactive cybersecurity examples include check the box compliance (which hasn’t evolved in 15 years), an over-reliance on signatures/threat intelligence (“a next generation form of signatures”) or waiting to respond to a breach.
I’m hopeful organizations who rely on outdated and reactive approaches to cybersecurity will evolve and incorporate a proactive approach to cybersecurity and mitigating threats. As we’ve seen over the years, cyber threat actors adapt faster than compliance standards or signatures can be updated. If organizations don’t evolve and become more proactive in their approach to cybersecurity, and cyber adversaries become more destructive and disruptive, I also predict that more and more organizations will be gravely impacted and go out of business.”
Travis Rosiek, CTSO, BluVector
“I predict that within the next year we will have the first confirmed use of artificial intelligence/machine learning in the delivery, development or deployment of malware. Today, many in the security industry assume that adversaries will leverage AI/ML to improve their breach success rates and return on investment. We have yet to identify such complexity, however, in the wild. This will change in 2019. Analysts are becoming more aware of the tell-tale signs of the use of AI/ML in how malware is constructed by their creators and what behaviors it performs once deployed.”
Dr. Scott Miserendino, VP, Research and Development, BluVector