The Evolution of Cyber Defenses, Attacks and Vulnerabilities in 2019

Time marches forward—and so does cybersecurity and the cyber threat landscape. What do organizations and IT professionals have to look forward to in the year ahead? What emerging trends and innovative attacks do you need to be on the lookout for? 2018 is comfortably in the rearview mirror now, and now we have all

As in years past, 2018 saw a steady stream of major data breaches. Billions of consumers around the world were affected by exposed or compromised personal and financial information, and companies of all sizes and across all industries felt the impact of financial and reputational fallout that results when data is not adequately protected. Data privacy occupied the spotlight in 2018 with the launch of the General Data Protection Regulation (GDPR) in Europe, and similar data protection legislation in the United States. Emerging technologies like artificial intelligence (AI), machine learning (ML), and blockchain also had a significant impact on the cybersecurity industry.

Don’t expect 2019 to sit back and let 2018 have all the glory, though. In 2019, you can expect to see the evolution of cyber defenses and attack methods, as well as countless new vulnerabilities for hackers to exploit. 2019 will be like, “Oh. You had a lot of data breaches and vulnerability exploits? Hold my beer.”

I had a chance to talk with Ivan Novikov, CEO and co-founder of Wallarm, about the year ahead. Ivan is a white hat hacker who specializes in testing methods to improve the security of information systems. He was won several bug bounty awards from companies such as Facebook and Google, and he frequently speak at security events, including Black Hat, Hack-in-the-Box, SINET Innovation Summit, AI Summit, and others. Ivan is known for being an inventor of Memcached injection, and for his work in server side request forgery (SSRF).

Here are a few thoughts from Ivan on what you should expect to see in 2019 and beyond:

Sponsorships Available

Sponsorships Available

Sponsorships Available

1. Envoy Proxy will result in increased security configuration issues

Envoy is an open source edge and service proxy designed for cloud-native applications. The project recently became the third to graduate from the Cloud Native Computing Foundation (CNCF). Envoy Proxy is a solid project and a very good tool. It is robust from a security perspective thanks to its good architecture, C++ implementation and lack of legacy code base. However, it is also new to the scene and DevOps teams are much less familiar with it than existing tools. As a result, I expect to see a higher number of security issues driven by misunderstanding or poor configuration.

2. Fuzzing goes mainstream

“Fuzzing” is a term for trying various inputs for applications to try and trigger an exception in the code. Fuzzing reaches legal drinking age as it turns 21. In 2019, has become and will continue to be more mainstream as both a defensive measure and as an attack method. As a proactive defense tool, fuzzing can automatically generate hundreds of security tests to deliver tangible agility and security benefits across the three primary areas of concern for CISOs without requiring developers to be experts in cybersecurity.

3. AI will play a crucial role

The more sophisticated and complex applications become, the more they are exposed to potential risk and vulnerabilities. DevOps and microservices have accelerated the pace of application development—and made it virtually impossible to adequately manage risk or detect threats manually. Machine learning and artificial intelligence deliver more accurate results and will play a crucial role in helping to identify and mitigate vulnerabilities effectively

4. Serialization based attacks will grow

Serialization allows for flexible and efficient data transfer and storage, but if it is not properly and continuously monitored it can also expose you to potential risk from attackers. Attackers can embed malicious code within a serialized object or exploit unsafe code already on the server—turning something designed to be beneficial into something that can cripple your applications. CISO’s should refuse serialized objects from untrusted sources by default. It is also a good idea to employ integrity controls such as digital signatures and implement proactive monitoring and recording of deserialization exceptions to ensure malicious code does not get in and existing vulnerabilities are not exploited.

5. API gateway and framework configuration issues will increase

New frameworks and sophisticated development platforms have simplified coding. As a result, the bar for becoming a developer has been lowered. The effort involved in developing code may be simplified on the outside, but the code that results from these modern frameworks and platforms is still complex, which can effectively make them ticking time bombs. As more developers use these frameworks without the requisite skills and technical understanding of how they work, you can expect to see more issues resulting from misconfigurations.

6. Automation will help compensate for shortage of cybersecurity pros

There have been headlines for years claiming that mankind will eventually be replaced by robots and all of our jobs will be taken by AI. The AI market in cybersecurity alone is projected to reach $34.8 billion by 2025. Don’t polish your résumé just yet, though. Most of that spike will result from leveraging AI to help fill a gap in skilled cybersecurity professionals—not to replace existing roles. AI is inarguably better, though, for many routine, repeatable tasks such as intrusion detection, risk and vulnerability assessment, and continuous testing. The simple reality is that it will be impossible to keep pace with the sheer volume of threats in a dynamic and volatile hybrid cloud world without AI and machine learning.

The AI market for cybersecurity is currently experiencing a spike in investments and market consolidation that will ultimately increase competition and fuel innovation. AI will become better and quicker at identifying and mitigating risks than low and mid-level security analysts, which creates an opportunity for those currently filling those roles to move to monitoring or quality control positions that require more creativity and represent a better use of manpower.