21 Dec 2019
Emerging Cyber Trends
By Brian Rodger, Director, Cybersecurity CoE
When I was at the Cloud Security Alliance Congress in Orlando recently, I began thinking about what emerging trends might come to the forefront of the cyber landscape in the upcoming year. I think the following three are good candidates:
1. Data Taxonomy Adoption: As the influx of security and log data continues to grow, adopting a common data taxonomy across your enterprise will become increasingly important. Criterion has done the hard work of aggregating all the data and moving towards a common understanding that gives cyber organizations the ability to analyze the attributes that matter most to protecting their data. A taxonomy framework that allows for consistent categorization across all data sources will enable industry to unlock the power of big data and truly capture its promised value. For instance, automating the sharing of intelligence and communicating effectively with leadership about incidents as they occur both require a standardized taxonomy.
2. Increased Focus on Training: I believe we will see an uptick in the funding available for the training necessary to help support the fast-growing cyber industry, as it will continue to need skilled personnel well into the future. A few weeks back I attended the kick-off meeting for the TLC-sponsored Cybersecurity Apprenticeship program in Nevada where Linda Montgomery (TLC President) reported the staggering number of open IT/cyber jobs in the United States alone (300,000+). Criterion aims to be at the forefront of this trend through our sponsorship of this program. We have our first apprentice entering the program, Gianna Frando, in January 2019. TLC and Criterion hope to expand this program to the Washington, DC, area in the near future and are always looking for more companies to participate in sponsorship. In addition to private industry embracing this trend, the federal government has announced its new cyber-focused training program. It is initially open to federal employees not in the IT/cyber field as they look to broaden the talent pool. It will be open to all federal employees in the near future.
3. Enterprise Threat Intelligence and Analytics Maturity: Most organizations today are aggregating hundreds of thousands of Indicators of Compromise (IOCs), tagging them to known adversaries targeting the organization, and correlating them to prevent and detect malicious operations. However, very few organizations have truly operationalized their information feeds into intelligence. To clarify, threat intelligence is what you get when you correlate data and make analytical inferences that pertain to what your organization cares about. Criterion takes our standardized taxonomy and places it into a standardized ontological model that explains your data the way humans do, which makes asking questions easier and faster. Put simply, it enables you to see how an adversary has attacked you over time and, maybe, how that adversary's targeting of you is evolving. Features of this include:
- Ontology modeling
- Automation of searching, tagging, and finding hidden relationships within your data
- Storing and generating intelligence the way you like to consume it
- Report generation made easy and fast, reducing the time from detection to reporting to minutes versus hours or days
- Maximizing productivity and scaling your human cyber talent by augmenting processes to handle a greater level of alerts with context