Podcast: Play in new window | Download
Subscribe: Apple Podcasts | Android | Email | Google Podcasts | Stitcher | TuneIn | Spotify | RSS | More
Show Notes: https://justinfimlaid.com/5-security-predictions-for-2019/
Sponsor: https://www.nuharborsecurity.com
Contact Me: https://justinfimlaid.com/contact-me/
Twitter: @justinfimlaid
LinkedIn: https://www.linkedin.com/in/jfimlaid/
Most companies put
together a “top predictions” for FY19. Most are garbage. There's a couple I think are decent but they
are few.
Here's my top 5
predictions for FY19.
People will realize that SOAR (Security Orchestration and Automation Response) is not the security savior. In fact, I'd be so bold to say it hinders the security industry by forcing security professionals to become distracted from doing the core and foundational security work. Security takes work…plain and simple. You have to eat some shit and grind it out. That's the job. There's no easy button for this. While people are spending the year trying to figure out what to automate, they'll only get to December with little to show and year wasted. I often see SOAR being sold as the end all be all to the security talent short-comings…”no staff, no problems…just buy this solution and we'll solve it for you.” BS. In my experience, most companies don't have good security practices, and what happens when you automate broken processes…you break the process more times and faster. Additionally, the fundamental thing that SOAR is missing is that security is often distributed within an organization, meaning…it's not one team rather a bunch of teams/departments doing their part of security. The issue in corporate is that those departments DO NOT allow another group to dictate automatic configuration of technology they are responsible for. Lastly, folks are still trying to figure out security…never mind automate it. Security teams still need to fundamentally understand the tedious parts of security before they can automate anything…and unfortunately, most people don't know what they don't knowNetwork visibility becomes an important thing. Yeah – this one has been around for a while but I think this is the year it picks up momentum. With distributed networks and IOT blowing up, I think folks will finally start to realize that you can't secure what you can't see and will finally own up to needing a solution that provides central visibility to all devices with an internet connection. To date, I think this has been a bit of a luxury to have this level of visibilty but I think must folks have tried to cobble together make-shift or home grown solutions to get this level of visibility, so this year I think we'll see folks start to own it.Blockchain will become commoditized. C'mon let's face it…there is ton of folks trying to tout how smart they are with innovative blockchain solutions. Honestly…there's so many people trying to do this, and if someone can find useful use-cases then I foresee this becoming as commoditized as asymmetric and symmetric encryption for data protection late this year. Other words, if someone can do something worthwhile, it become table stakes and no one will care anymore. Scan-jockeys will be identified. Contrary to what I hear every week – a vulnerability scan is not a Penetration Test. In the industry we call these folks who run a vulnerability scan and pass it off as a penetration test as Scan Jockey. These are folks that don't really know how to pen test, so they choose a vulnerability scanner, run a scan and hope no one knows the difference. Now, don't get me wrong, a vulnerability scan has a VERY valid use in security; in fact I think every organization should be doing vulnerability scans. My issue is people faking to be a penetration tester. I do see folks in industry becoming more educated in the difference between the two types of test, and I think later this calendar year more scan-jockeys will have a harder time in security as penetration testers, and people who actually spend time practicing their craft will get cr…