Trend Micro’s Rik Ferguson will explore the evolution of cyberthreats against enterprises at this year’s DTX Europe on 9-10 October at EcXeL London. His session ‘Anatomy of an Attack: Factory as frontline’ will discuss recent criminal attack methodology and tools, and the valuable lessons that can be drawn from them.
In a recent interview, Ferguson discussed his thoughts on how the industry is changing and what technologies will be prevalent in the coming years.
What is the biggest challenge facing the industry?
We still have a very long way to go in overcoming the legacy and mistakes that have led to us having such a terribly non-diverse workforce in cybersecurity. Diversity encompasses many areas, of course gender diversity, but also neurodiversity, racial diversity and professional diversity. The current cyberskills gap is a largely self-inflicted wound where restrictive hiring practices have focused more on hiring pieces of paper than on hiring people.
What are your predictions for the IT industry for 2019-2020 and beyond?
In the very near future, the main drivers that will shape our industry are the 5G rollout, the inexorable market to ever more abstracted services and the death of ‘IT for IT’s sake’. No organisation ever became a global success by being the best at running Microsoft Active Directory or by effectively managing their network infrastructure, for example.
These skillsets will become less and less relevant in the enterprises of the near future as they are outsourced to specialist providers. Businesses will be free to focus on doing the things that really make them successful, whether that is selling widgets or delivering code. Containerisation technologies will also see rapid adoption in this environment, giving businesses the ability to build secure, ship fast and run anywhere.
How do you perceive the hype around artificial intelligence (AI)? Is it an ethical concern or a huge opportunity?
It’s both isn’t it? We have already seen examples of hiring algorithms with in-built biases, we are rapidly approaching a time when autonomous vehicles will have to make decisions about how to cause the least harm in the event of an accident. Services already exist that use machine learning to effectively offer digital immortality to a person longer after their physical self has ceased to be.
However, we are also using AI and machine learning in innovative ways in cybersecurity. Of course, we use AI to detect spam, criminal websites and malicious files but we are constantly innovating and finding new ways to harness this technology for more effective security. An example is our recent innovations around writing style analysis to defeat business e-mail compromise attacks.
What do you think is going to be the next big technology development?
Quantum computing? Smart robots? I suppose that depends how far ahead you want to look. Of course, quantum computing will mean some big changes when it is widely available, especially in the realm of encryption, and smart robots will one day step off the pages of science fiction novels and into our homes and businesses.
In the shorter term though it’s more prosaic things like machine learning to process the ever-increasing mountains of data generated by enterprises and container platforms that will finally allow them to shift legacy architecture into more adaptable infrastructures.