DZone – Tom Smith – 7/19/18
[Ed. Note: DZone interviewed Mo Rosen, GM, CA Security, Sam King, GM, CA Veracode, Mark Curmphey, CA SourceClear, on security concerns]
To gather insights on the current and future state of security, we talked to 47 executives from 43 companies about security in their own organizations and for the clients with whom they are working. Given all of the breaches that have appeared in the news and the enforcement of GDPR, response to this topic was unlike any we have seen for previous security research guides.
We asked them, "Do you have any concerns regarding the current state of security?" Here's what they told us:
Speed/Efficacy of Attackers
- The hackers are getting smarter. Too much is spent on detection and not enough on prevention — Gartner Carta strategic approach.
- Cyber adversaries are using highly automated tactics, leveraging the capabilities of AI along with a number of sophisticated tools and cheap computing power. A recent report from OpenAI points out some of these malicious use cases of AI in the cyber security domain. Use of AI lowers the cost of a cyber-attack by automating certain tasks and more effectively scoping out potential targets. It is now becoming a reality that simultaneously thousands of cascading attacks can be made on an enterprise’s digital infrastructure with little manual involvement. Multi-front cyber war aims at creating chaotic scenarios by sending a combination of fake and real attacks to get to the data. We are much closer to a battle of the machines now than ever before.
- We are entering risky waters. The magnitude of security hacks is increasing. Ransomware attacks more than 250,000 devices in two days. Impacts are getting bigger. We have to think about security by design from day one.