At the start of the year 2020, news broke out about Microsoft exposing data of over 250 million customers. And hence the question arises, should such companies be penalised with bigger consequences for negligence? Or as a matter of fact, what is negligent behaviour?
In the case of Microsoft, they disclosed that the data breach was a result of misconfiguration and they publicly shared their remediation plan for the same. While cybersecurity errors can befall any organisation, it is important to take responsibility for the same and improve their teams, systems, processes, and policies to strengthen security.
Cybersecurity has come a long way ever since the need for it was made evident. But as the cybercriminals and hackers become more potent by the day, cybersecurity operations need to be improved continuously. Having said that, let us have a look at what the future beholds for cybersecurity.
Inclusion of Artificial Intelligence in Cybersecurity Operations
There are two ways to look at the impact of artificial intelligence on cybersecurity in the near future. Firstly, with almost all industries adopting new technologies, especially AI, in their applications, they inherently create cybersecurity risks. This is because the weak links and potential exploits are not completely understood at the time of release and until a significant amount of time is devoted to using and improving the systems. This gives a window to the hackers to target these mission-critical operations relying on artificial intelligence and machine learning. As a response to this potential cyberthreat, future cybersecurity professionals will be required to develop techniques to detect and diffuse AI cyberattacks
The second approach is to use AI technologies in developing new ways to address vulnerabilities in systems and networks. Artificial Intelligence will be an essential element in detecting security issues even before they actually arise.
Artificial intelligence has the potential to move the cybersecurity approach from counteractive to proactive.
The year 2017 saw Sandworm, which was a hacking group backed by Russia, boldly go after a range of targets including Easter European energy grids and big American corporations. And while this was one instance three years ago, many others have existed and disrupted cybersecurity systems in the past.
The Cyber Warfare trend is expected to pick up in the future and will become a frontier in wars between countries. Especially, the emerging economies and small nations who lack resources and political connections will turn to cyber warfare.
Hence, businesses around the world need to find ways to strengthen their infrastructures and make them more resilient to intrusions and attacks. The systems that would make appealing targets during cyber warfare could be power grids, airport management systems, traffic systems, hospital databases etc.
Analytics and Automation
The application of analytics and automation are already here but are yet to pick pace to become evident. In a notable application of analytics, researchers at Carnegie Mellon have employed web server attributes as variables to predict what is the likeness of a server to be hacked. The model implemented by them predicted 66% of the future hacks with a false positive rate of 17%. If harnessed successfully, this kind of predictive power will enable the organisation to focus more on high-risk technology environments.
Automation, on the other hand, is the next step to analytics in cybersecurity. The Defense Advanced Research Projects Agency (DARPA) concluded a competition where it asked developers to build automated programs which could identify system flaws, detect intrusions and cyber-attacks, and fix these issues without human intervention. The competition was aced by ForAllSecure (a Carnegie Mellon spinoff). Even though their model later finished the last while competing with human cybersecurity analysts, it has opened up a way forward for such solutions to exist and improve.
It is safe to say that the most effective cybersecurity environments that will exist in the future would be complex hybrids of human and machine intelligence. Such models will include automated analytics-driven alerts and human intervention for effective security in a monitored environment.
Bridging The Cybersecurity Talent Gap
When it comes to skilled cybersecurity professionals, there is an extreme shortage compared to the available open positions for such experts. As per a study by the Global Information Security Workforce, the gap between open cybersecurity positions and qualified personnel will increase to almost 2 million by 2022.
In such a scenario it will become really expensive for organisations to hire the right talent. Also, we would witness a lot of investment from the organisations’ part towards the training of their existing staff. The reasons for this upsurge in the number of cybersecurity jobs are:
Continuous Growth in Cybercrime
The rise in number and frequency of cybercrimes poses a need for highly skilled cybersecurity teams within organisations. Professionals with expertise in different aspects of cybersecurity are crucial for building a comprehensive solution for securing data, network, and systems.
The High Cost of Security Breaches
As per IBM, the average cost of data breaches in 2018 was $3.86 million. This is a 6.4% increase from the cost of data breaches in the year 2017 which accounted for $3.62 million. If we go by the predictions of ‘Cyber Security Ventures’ the cost incurred due to cybercrime will go up to $6 trillion annually in 2021, double from $3 trillion in 2015.
Growth of Online Infrastructure
The world is moving towards increased adoption of IoT in daily lives. The excessive usage of smartphones, smart houses, cloud-based platforms, etc. is the breeding space for cyber-criminals. As the world continues to rely on the internet, the future of cybersecurity crimes and jobs is bright.
Given the scope of cybersecurity jobs now and in the future, it would be a wise decision for interested professionals to upskill in the domain. You can check out Great Learning Academy’s free ‘Introduction to Cybersecurity’ course.0