by Bharat Mistry
Cybersecurity is difficult to get right. On the one hand, CISOs are very much impacted by a highly volatile threat landscape. The tools, tactics and techniques used by cyber-criminals to attack their organisation evolve fast to exploit newly found weaknesses and take advantage of wider trends. The recent spike in crypto-jacking, for example, came about only after the value of digital currencies soared. Yet on the other hand, security leaders must be more measured. Only by stepping back and taking a more considered view of the industry untroubled by immediate threats can strategic, longer term decisions be made in the best interests of the business.
At the GOVSEC conference this week, Trend Micro’s Vice President of Security Research, Rik Ferguson will be drawing on his and Trend Micro’s several decades’ worth of experience to put current trends into context for IT leaders.
A 2020 vision
Rik’s first presentation will be focused around an ambitious project launched by Trend Micro back in 2013. Our Project 2020 initiative was spearheaded by a pioneering series of web videos designed to get IT and business leaders, policymakers and consumers to start thinking about how technology and cyber-threats may impact society in the future. The videos were set in the fictional land of South Sylvania, a high-tech nation in which citizens consume content on headsets or beamed directly onto special contact lenses by their service providers. An “internet of everything” allows businesses to deliver innovative new services to their customers, and at the centre of it all is an authentication hub known as The Switch.
In the series, South Sylvania is left to rue its reliance on tech innovation, when, on the eve of its first all-digital elections, a huge cyber-attack takes out The Switch. Banking, transport, healthcare and e-government services collapse as users cannot authenticate their identities or switch between profiles. Casualties mount, politicians blame each other and stretched police teams desperately try to track down those responsible.
Sound familiar? Well, in the years since, we’ve certainly seen aspects of this fictional world come to life, including election interference and voter data breaches, IoT threats and cyber-attacks with real-world physical consequences. Rik will be looking at the past six years and doing his best to predict what comes next.
The power of AI
His other presentation at GOVSEC will be focused around that other perennial for future gazers: artificial intelligence (AI). Increasingly, security vendors are touting AI capabilities in their products while security professionals fear that the black hats may be doing the same with their own tools to better circumvent defences and improve the quality of phishing emails.
Can we trust the vendors to deliver on their promises? Well, not if they’re claiming to offer a silver bullet to stop cyber-threats. Its effectiveness in Trend Micro’s XGen approach is undeniable. Here, high-fidelity machine learning is able to analyse a file’s attributes both before execution and at runtime to spot advanced threats. Yet it is only useful in this context when combined with a range of other cross-generational defence tools. Beware those claiming otherwise.
Like any emerging technology, AI certainly has its uses, but is far from fully formed. Rik will discuss where the opportunities lie for security teams, and where the technology could be used against them in the future.
We look forward to seeing you at the show.
What: GOVSEC, 14.05, Project 2020 from Trend Micro and Europol; 12.15, Seminar 5, Artificial Intelligence – Hype vs Reality
Where: Victoria Park Plaza, London
When: 9 May, 2019