How Cybersecurity Has Evolved In The Past 20 Years
Chris Novak Forbes Councils Member

Twenty years ago, the cloud as we know it didn’t exist. There were no Internet of Things (IoT) sensors. Not even Gmail was around. It’s well known that cyber threats and tactics used by cybercriminals have evolved significantly over the past two decades, but so have solutions.

In honor of Cybersecurity Awareness Month, let’s take a look back to get a sense of how cybersecurity has evolved over the years and where we're going next.

The Automation Race

Back then, forensic investigations weren’t automated; they were mostly done onsite and by hand. There was a lot of vulnerability scanning done on big screens, and there was little to no technology that allowed work to be done remotely. You would have to physically plug into the network and review the data in order to compare how an organization was performing from one month to the next. The data would then be manually input into spreadsheets.

Before you even started that process, you had to be physically present at the location. You would deploy a team and start collecting data the following day, which could take a week or two. Then, you would return to the lab with the collected data for diagnostics. This process would take another week or two. Altogether, you might be analyzing the components of a breach for months.

Today, by contrast, you can have access to the environment remotely in 15 minutes and begin doing triage activities. By the end of the first day, you may even have some indication as to what took place. The incident might be resolved within days, maybe a week, as opposed to months.

Today, it’s all about speed. While the response times of cyber defenders are orders of magnitude faster than they were 20 years ago, so are the actions of cyberattackers.

One noteworthy finding from the Verizon 2023 Data Breach Investigations Report (DBIR) is that most attacks are heavily automated. In essence, automation has become an arms race between cyber defenders and threat actors. Whoever is faster usually wins. This underscores the importance of threat detection and response solutions.

Bandwidth Revolution

Remote forensic investigation wasn’t tenable 20 years ago because there wasn’t enough bandwidth to support it. The availability of high bandwidth changed everything. Mid-band spectrum, like C-Band, and edge computing have transformed the landscape, enabling a host of industry-changing innovations. But with innovations come new risks and new threats.

The ability to connect supply chains with IoT devices offered granular visibility, but it also created new potential points of entry for threat actors. Suddenly, hackers had a host of new attack vectors available to them. Up until that point, they would have had to connect physically to a facility.

Consider a water treatment plant or a nuclear reactor. Before physical objects and systems were connected, facilities invested in physical security, since the only way threat actors could gain access was if they were in the building. Today, the dynamic is completely different.

The other piece of this puzzle is the development of cloud technology. Cloud computing existed prior to the availability of high bandwidth, of course, but it existed locally (usually). It wasn’t until enough bandwidth could be mustered that the cloud became viable as a powerful facilitator of connectivity and automation.

Bandwidth in conjunction with cloud technology made a lot of scenarios possible, including utilizing IoT devices to connect physical devices and systems to networks and conducting forensic investigations remotely.

From The Wild West To A Mature Market

Twenty years ago, there were fewer laws and regulations around cybersecurity than there are today. If a threat actor successfully breached your network, you had little legal recourse. When you found a hacker, you had to get creative. Working with law enforcement, you’d look for other ways to incriminate hackers.

In those days, threat actors would use prepaid cards, money orders and other multinational financial services to move funds around, exposing themselves to laws around proper disclosure. You might catch them on a technicality that had nothing to do with data breaches in order to bring the hackers to justice.

Now, there is a raft of laws about data privacy and sovereignty, and there are many ways to prosecute cybercriminals. In a sense, the trajectory of cyber criminals and cyber defenders mirrored each other. It was harder to prosecute cyber criminals 20 years ago, but they had the added challenge of having to be physically present to breach a network.

Forensic investigations were more laborious back then for cyber defenders, but the number of cyber criminals paled in comparison to the legion of threat actors that exist today. Hackers have more automation tools, but so do we.

So where does cybersecurity go from here? Is AI the next watershed, just as cloud technology and high bandwidth were in the past 20 years? It could be, but it’s difficult to tell how it might serve threat actors. The ability to enhance automation is marginal, and the potential to enhance social engineering is nascent, but there may be other unforeseen applications.

The bigger picture is staying a step ahead of threat actors in the automation race. Whether that’s accomplished with AI or some other yet-to-be-discovered technology remains to be seen. In the meantime, as is always the case in this industry, regardless of the latest innovation, we’ll stay vigilant.


Source: https://www.forbes.com/sites/forbestechcouncil/2023/10/25/how-cybersecurity-has-evolved-in-the-past-20-years/?sh=7a15fdee2f9a

