The security industry has a notorious reputation for being stubbornly slow to adopt newer technologies. The reasons for this reluctance among both systems integrators and end-users to upgrade to the latest and greatest solutions are several fold. First and foremost, the cost to replace existing hardware and software systems is simply a non-starter for many organizations and second, there is healthy dose of skepticism about the touted benefits of certain solutions and whether or not they can actually live up to their marketing hype.
But unlike many of the incremental technology improvements that have occurred across various product segments though the years, the security industry today stands a crossroads where the inability to keep pace with tech advancement could be a death knell for companies and practitioners that are unable or unwilling to adapt with the times. This was one of the key themes of a keynote address delivered by Scott Klososky, Founder and Principal of TriCorps Technologies, at GSX 2018 on Tuesday.
Klososky, who also delivered a keynote speech at last year’s ASIS conference in Dallas, returned to the stage at GSX this week to emphasize the preeminent role that technology is going to play in the future of the industry and why it is important for security practitioners to start embracing and familiarizing themselves with them.
“We stand at a fork in the road right now in security where we are starting to have superpowers. One the reasons that this (conference) is now GSX and you have a new learning center and event configuration was to start teaching or highlighting what these superpowers are,” he added.
These superpowers encompass four product segments, according to Klososky, including: robotics, software-based intelligence (i.e. artificial intelligence and decision support systems), sensing and recognition, and self-learning systems (machine learning and deep learning).
Factors Driving Change
Leveraging these new technology “superpowers” will also be necessary to adapt to many of changes taking place in security that are largely being spurred by the digital transformation that is underway in society as whole. According to Klososky, recent research commissioned by ASIS found that there will be seven primary things that will drive change within the security industry in the future. These include:
- Global Rules in Flux – the development of regulations like the European Union’s General Data Protection Regulation (GDPR) and the rules of engagement for things like cyber warfare, which is still uncharted territory for many governments and private organizations around the world.
- Transparency battles – the desire of citizens in the U.S. and elsewhere to be able to control the privacy of their data and know exactly who has and what they’re doing with it.
- Shifting Values and Valuables – Data is now a high value currency to companies and criminal organizations alike.
- Complexity at High Speed - With the proliferation of IoT devices has also come an ever expanding threat surface. All of the data, devices, software, and so forth that reside in organizations today must be simultaneously protected against a growing number of threats.
- Tomorrow’s Internet – The growth of the IoT means that we are moving to a world in which there will be more connected devices than people.
- A Predictive World – The past focuses of forensic and real-time analysis will eventually give way to the development of technology that is predictive in nature.
- Machine Intelligence – The advent of machine learning and the benefits it provides security end-users has been discussed ad nauseam for a while now, but these solutions will be an absolute necessity in the future to make sense of our data-driven world.
Criminals Take Notice
While these trends are expected to forever alter the trajectory of the security industry, they will also likely be leveraged by malicious actors for financial gain or, worse yet, to carry out physical attacks.
“There are people just as smart on the criminal side as there are on the security side,” Klososky said. “In many cases, they have more time and resources to sit there and figure out how to exploit technology.”
One of the biggest threats posed by organized crime syndicates in the future, according to Klososky, will be that in much the same way ransomware or DDoS attacks are used today to extort money from victims, the cyber criminals of tomorrow will probably compromise autonomous vehicles with similar schemes. The scary part is that terrorists could also exploit these vehicles to launch various types of attacks.
“As we connect more things and as move up this digital transformation, the vectors that people come at us from will continue to change,” Klososky told the crowd of attendees. He added that no longer can security be segmented into electronic security, physical security or cybersecurity, but rather everything should be thought about and fall under the umbrella of just simply “security” moving forward.
Klososky also reemphasized the need for the industry to begin warming up to these aforementioned tech advancements or run the risk of being seen as antiquated in their approach to both security and overall risk management.
“If you don’t start moving quickly toward these superpowers and you think it will be enough to just have ‘guards, gates and guns,’ you’re not going to be somebody that is looked at being able to offset risk,” he said.
About the Author:
Joel Griffin is the Editor-in-Chief of SecurityInfoWatch.com and a veteran security journalist. You can reach him at [email protected].