As we ring in the new decade, leaders from ExtraHop have some 2020 predictions for enterprise cybersecurity. While 2019 was a year of continuous and increasingly sophisticated threats, insight from customers, partners, and industry insiders makes us confident: 2020 will be the year that organizations finally drive the change needed to secure the hybrid enterprise.
From predicting tool consolidation, to greater scrutiny on fast-growth companies, to the source of the next big breach, ExtraHop leaders offer their thoughts on what will make headlines in the year ahead:
The Year of Deeper Scrutiny for Fast Growth Companies
"2019 was a tough year for heavily hyped fast-growth companies going public in Silicon Valley. Several companies that raised huge rounds ultimately failed to deliver expected results or even approach profitability after they went public, and Wall Street was not amused," said Arif Kareem, CEO, ExtraHop. "In 2020, we expect the investment community to more deeply scrutinize companies' financials and business fundamentals, ultimately leading to the support of companies who deliver on their promises, are capital-efficient with sound vision and innovation, and those companies with truly sustainable business results and model to back them up."
Antiquated Threat Detection Methods File Hashing and Signature-Based IDS Wastes Time
"Since the 1990s, file hashing has been the default mechanism for detecting malicious threat activity, despite the fact that it's ineffective against modern attacks that use polymorphic or fileless methods to go undetected. The same goes for signature-based IDS which are extremely noisy while providing very little actual alert context," said Jesse Rothstein, CTO and co-founder, ExtraHop. "Security teams will continue to rely on these antiquated methods of detection because they are expected to, regardless of how well they work in today's threat landscape."
Accountability for the Ethical Use of Users' Data
"Recent headlines tell of giant data corporations like Google and Facebook monetizing users' data and lacking sufficient transparency in these activities," said Raja Mukerji, CCO and co-founder, ExtraHop. "There's already been significant social backlash, but in 2020 we predict that users will demand companies not just follow the often-dated laws, but that they also do what's right. Regulations like GDPR and CCPA are helping to bring more clarity around what's appropriate, but 2020 will be the year that the industry is held accountable for the ethical-in addition to regulatory-compliant-use of personal data."
A Slowing Economy Will Force Tool Consolidation
"In security programs, it's been very difficult to turn tools off. What gaps will I create? What unintended consequences will I see? As the economy has rolled along over the last decade, most security programs have had the necessary funding to add new tools and retain legacy tools under the guise of risk management," said Bill Ruckelshaus, CFO, ExtraHop. "Economic slowdown is likely to change all of that, as investments in new technology will require cost savings elsewhere. A tighter economy will finally cause us to pull the plug on legacy security tools."
"Observability" Will Gain Ground as Both a Concept and a Vocabulary Term Both in Security and DevOps
"Observability is a term that several companies are using to describe the practice of capturing metrics, logs, and wire telemetry (or sometimes other data sources, mostly in the DevOps space). The value of correlating insights from these data sources has gained enough ground that vendors need a word for it. Observability, The SOC Visibility Triad, and other terms have been spotted in marketing materials and on big screens and main stages at security and analytics conferences," said John Matthews, CIO, ExtraHop. "In 2020, we'll see heated competition to control the vocabulary and the mental models that enterprises and vendors use to discuss and market security best practices regarding gathering multiple data sources and correlating insights between them."
Cybersecurity Will Finally Become a Top Priority in the 2020 Election
"The 2020 election is right around the corner, and so far there's been little focus on the importance of CyberSecurity on the campaign trail. Sure, there's been an ongoing discussion about Russia's involvement in our 2016 election, but no candidate (Democrat or Republican) has elevated CyberSecurity to be a central theme in his or her campaign. That will change in 2020. That must change in 2020! Technology innovation and business transformation fuel the American economy, but security and trust are at the heart of it all. National Defense is a priority for all Americans, but it won't happen without security innovation," said Bryce Hein, SVP Marketing, ExtraHop. "As we move into the heart of the 2020 Election season, one of our candidates will wake up and elevate CyberSecurity to the national discussion, where it should be."
The Wave Begins Towards Security Tool Consolidation
"Organizations will be taking a strong look at the number of security vendors within their ecosystem in 2020 to determine overlap and begin a move towards consolidation of tools," said Chris Lehman, SVP of Worldwide Sales, ExtraHop. "The winners will include those that have proven their API superiority and ability to work together within an organization's ecosystem. The losers will be those who have not proven their ability to strengthen core security."
A Major Information Leak from a Cloud Provider is Coming
"In 2020, we are likely to see a major information leak from a cloud provider. While at the same time the cloud providers are providing many useful built in tools, it's not clear that they are using their own tools to secure themselves," said Jeff Costlow, CISO, ExtraHop. "As a further prediction, the leak will not effectively diminish migration to the cloud as we have noticed with other breaches that they do not significantly erode confidence in the services."
A Vendor Will Be Responsible for a Major Breach of Data Due to Phoning Home
"In 2019, ExtraHop issued a security advisory about the vendor practice of phoning data home and how this is happening without the knowledge of customers. The problem with this practice is that it expands the attack surface via which that data can be breached, exposing it to threats within the vendor's environment," said Matt Cauthorn, VP Security, ExtraHop. "2020 may well be the year that a breach of a vendor's environment exposes the data of one or more of their customers. Regulations like GDPR have imagined exactly this type of scenario and laid out specific requirements for data controllers and data processors. But if and when such a breach occurs, it will have broad impact and implications."
The Big IoT Breach is Coming
"In 2017, major ransomware attacks crippled the networks–and operations–of major global organizations. While those attacks did billions in damage, for the most part, IoT devices were left unscathed. But sooner or later (and probably sooner) the big IoT breach is coming and it could have global implications," said Mike Campfield, VP Global Security Programs, ExtraHop. "Whether it happens in the US or abroad, in healthcare, shipping and logistics, or manufacturing, IoT devices around the globe are fertile hunting grounds for attackers. Taking down every connected device–from telemetry sensors to infusion pumps to mobile points-of-sale–could easily grind operations to a halt."