While there’s heated debate about whether a new decade is actually beginning, the beginning of a new year is always a great time to look back, assess what has happened, and make predictions about the future. That’s why we at Cadre conducted an informal internal survey among our resident experts to assess how much things have changed over the past ten years and where we see the industry going.
After all, an understanding of the past decade of technology security can help you understand how much things can change in a relatively short time span, while predictions can help you anticipate issues and opportunities for your business.
Keep reading to see what we think were the five biggest changes in cybersecurity over the past ten years—and the five developments we think you’ll need to monitor.
A Recap Of The Past Decade Of Technology1. Lack of Social Media Privacy Controls
One of the most visible changes is the boom in social media adoption. The runaway popularity of social media meant that the founders of these platforms—and most users—never pulled back to think about adopting appropriate privacy controls and education. Most social media platforms are relatively new and most businesses weren’t heavily involved in social media promotion until roughly 10 years ago—and the platforms dictated the terms rather than the customers.
The result? The industry was—and still is—ripe for exploitation. Social engineering through social media has made evil hacking a $400+ billion industry worldwide. Users are finally raising an outcry about how their data is legitimately used by these platforms, as well as by the lack of response to hacking. Unfortunately, the longer the social media platforms wait to implement privacy protections, the more costly and difficult it will be in the long run. If you run a consumer-facing business that uses social media log-ins, you should seriously weigh whether the security and privacy risks are worth the convenience to your customers and your company.2. Everyone works in IT
Okay, maybe not literally—but new requirements in technology are coming from non-technical employees, not just from the experts in IT. That’s because, as cloud technology has become more common, the resulting solutions are now available and accessible to departments like marketing and HR.
What does this mean? Not only does this trend impact a company’s security posture, IT no longer can completely position itself as the lone source of technical knowledge. Instead, it now supports an organization of many people who are knowledgeable about IT and are empowered to implement their own technical solutions. The rules of the game have changed, and to secure this new reality, IT needs to adapt and be more of an educator about the shared security responsibility model.
3. Moore's Law
Over the last 30 years, we have witnessed an increase in the speed and capabilities of our computers. This was predicted by Moore’s Law, which stated that the speed and capability of computers will increase exponentially, as costs drop.
This prediction has also held true for storage capacities and throughput. As a result, programmers can pack an ever-increasing number of features into applications and operating systems.
That phenomenon manifests as feature consolidation in the products and solutions we acquire. For example, anti-virus software has evolved into endpoint protection suites. Stateful firewalls are now next-generation gateways crammed with what used to be a collection of point products like URL Filtering, IDS/IPS, DLP, Bot Protection and more—all running efficiently on a single-bus architecture. Other examples are easy to find throughout the spectrum of IT solutions.
However, current single-bus computing architectures are reaching the limits of those advances. As networking platforms have evolved to Software Defined Networking platforms running on ever-increasing link speeds, developers have new methods to scale capacities in both compute and storage architectures. That has led to the cloud architectures we see now, which have fundamentally changed many things about computing.4. Internet of Things (IoT)
The roots of IoT stretch back into the 1980s when a special vending machine that allowed local programmers to remotely see types of available soda was installed at Carnegie Mellon University.
However, over the last decade, just about every consumer product from appliances to doorbells to furniture has been internet-enabled, radically altering the space of our world. (Witness the current debate about Ring doorbells, Amazon, and police surveillance.)
The IoT has allowed both the good (computerization and communication) as well as the bad (the methods and means of attacking our IT spaces).
In short, if you oversee cybersecurity, IoT can mean there are many more routes for evil hackers to access your networks. (Tackle the challenges of IoT devices with these tips.)5. Continual Threat Escalation
As you may have gathered from the previous developments, these changes have resulted in two overarching trends: the constantly increasing need for additional layers of security and a strategic approach managing security. In short, it’s almost impossible to keep up with cybersecurity demands due to amazing increases in computing power, ease of access, and pervasive technology in even the most mundane household items. Over the past ten years, the scope of technology threats has increased immeasurably—and so has the pressure on cybersecurity experts to keep up with every trend. But don’t give up! The next section will share ideas about solutions.
Now for technology predictions for the next decade or so…
Here’s what our team of experts had to say about what they saw coming and how it could affect your business and your life.
1. The “Death” of IT
In the not too distant future, IT will die—not because something replaces or kills it. Instead, it will die because it has become truly ubiquitous. As we mentioned in the recap section, this change is already underway. We will continue to expand our idea of technology; instead of thinking of it as creating new spaces, it will become the spaces it inhabits.
This means all our jobs will evolve. For example, sociologists will be data analysts, surgeons will be technicians, and security guards will be evaluators of technology outputs. The IT function will no longer “own” information technology, but instead will guide and advise, establishing parameters and auditing activities. In addition, IT Security will become the security function with physical security as the adjunct activity.
2. High-speed Networks
In the future, 5G networks will be a very challenging issue for cybersecurity. Not only will the internet be faster, the design of 5G will mean that an estimated 75 billion new devices will be connecting to the internet annually. Many of these devices will be on critical infrastructure, running critical applications at speeds estimated to be hundreds of times over what we currently see. This will not only provide the architecture for many great and impactful initiatives, it will also greatly alter the threats. Cybercrime maybe come less of an invisible, financially driven issue; instead, real and serious physical damage will occur at a 5G pace. In turn, this will require even more vigilance and knowledge on the part of cybersecurity professionals.
3. Foundational Shifts in Cryptography
By the end of the next decade, the world will witness massive change in the science of cryptography. Since authentication and cryptography are the foundation of cybersecurity, all our current security infrastructure, knowledge, and controls could be rendered obsolete if quantum entanglement communications and quantum cryptography make it through a few more technical hurdles.
Some are dubious about this development because quantum computers and entanglement communications are currently too costly and difficult to use to be more than a curiosity. However, this is similar to criticism about the personal computer in comparison to mainframes—and fewer than ten years later, PCs had revolutionized the world.
While this prediction right now appears longer-term than most of the others, this is definitely an area to monitor over the next few years.
4. Disruption: The New Normal
Advances in networking technologies will continue to drive innovations, and market disruption will become the new normal, even for companies that seemed impervious to these trends. This means power centers of industry will continue to shift to information technology players.
For example, compute workloads can currently be placed anywhere. As humankind increasingly has access to more and more information at our fingertips, not only will a remote workforce continue to grow in numbers, jobs will continue to be automated out of existence. Both are developments that will increasingly affect businesses.
Overall, society needs to anticipate and think carefully about changes. We should work to ensure a utopian future by laying a foundation of laws and regulations that guides the implementation of our new super-computing platforms and bots.
5. The Intersection of Tech and Business
As you might have gathered from all the predictions, only the largest corporations have the resources for an internal workforce with the specialized knowledge needed to keep up with the leaps and bounds—both positive and negative—we’ll see in the next decade. To stay competitive, companies need to weigh both business and tech needs. After all, if you’ve already set up your security with your business needs in mind, you’re far more likely to have an effective system in place that can evolve as needed when all these developments are realized.
We’re all familiar with the shortage of skilled technical people, and when you start looking for those who also possess an understanding of business strategy—well, the list gets really short and the candidates get very costly. That’s why a trusted security advisor is often the best way to get the skills you need. Since it’s already almost impossible for one person to keep up with the firehose blast of advancements, the predictions on this list make a strong argument for the team approach. You can assemble your own unofficial “board of advisors” who have the skills you need or you can hire an objective team to bring the members’ expertise to the table.
One thing is sure: technology will continue to be the core of every business as we know it and advances will continue to come at us in ways we may not even be able to imagine right now.That’s why it’s so important to ensure your business is equipped to evolve.
In the future, advancements in technology will make it even more challenging to protect your company against evil hackers. But the good news is that the stakes will grow for advancements, as well. These changes will allow your business to grow even faster—but only if you ensure that your tech supports your business strategy. If you keep this in mind as we go into the next decade, you’ll be light years ahead of your competitors.
Curious about how you’re currently doing? Take our 5-minute network security assessment now to get a sense!