As fast as technology moves, it still takes planning, effort, and time. Cybersecurity is constantly evolving and riddled with a myriad of challenges. Investments in technology today may have a revolutionary impact on the seemingly insurmountable problems of the future. So what are the seemingly impossible problems and opportunities the technology luminaries should be investing research and development budgets to solve?
Here is my list of what the best security solution providers should be researching today for problems 3-5 years from now:
- Force multiplier technologies. The unrelenting advance in attackers and their capabilities, the ability to manage risk is becoming ever more difficult. To keep pace with the evolution of threats, technologist must learn to both greatly improve effectiveness and combine the capabilities of standalone security solutions, to work together cohesively for a greater overall impact across the device and back-end ecosystem spectrum
- Harden technology against attack. Design products better and build them in a way more difficult to compromise. All security technology can be overcome, but it takes effort. Making the attack-effort cost higher essentially extends the time technology and devices remain secure, thereby providing a positive economic incentive for investment. The total cost of ownership is reduced as are the risks of cyber related impact
- Architect for agility. Security structures must inherently be agile to keep pace with the attackers. Current generations of solutions require heavy lifting to implement and configure, and are near impossible to End-of-Life which creates an entrenched and committed position, lacking the necessary maneuverability to adapt. Security providers must innovate to embrace extensibility, reconfiguration, and even repurposing of solutions, information, and capabilities.
- Solve and deliver regulatory compliance. National and international security regulations are a mess. They are ever changing, inconsistent, and many times vague to understand, difficult to enact, and some are less than effective. But, legitimate organizations are compelled to follow them. It is a costly and never-ending exercise in frustration. Regulations have their purpose, but technology has an opportunity to simplify compliance and greatly reduce the burden for everyone’s benefit.
- Finding the right balance for Privacy. Privacy must be preserved, but not at the cost of undermining the innovation and time-to-market incentives of growth. A balance must be found.
- Solving the challenges electronic identity. Reasonable, confident, and private capabilities are needed to establish and manage the identification and authentication of users and devices. Electronic communication and transactions depend upon it.
Although perhaps not nirvana for all aspects of cybersecurity, these fill my heart with hope. So brilliant tech guys (and gals), get to work and make these a reality!