The cybersecurity industry is based on two types of competition: that between security providers and cybercriminal adversaries, and that between the providers themselves.
What is unusual about the situation is how these two battlefields are connected; To prevent hackers from infecting devices with malware and infiltrating corporate networks, cybersecurity vendors often have to call a temporary truce.
Jaya Baloo, CISO of antivirus company Avast, characterizes this balance of competition and collaboration as a "friendly rivalry" that allows all the major players in the market to work hand in hand when it matters.
During a conversation with TechRadar Pro at MWC 2022, Baloo discussed the unconventional relationship between industry providers. She insists that the cybersecurity community is primarily focused on protecting people from attacks, and making a profit is a secondary consideration.
"I don't care what antivirus you use, as long as you use one," he told us. "We still see so many people being attacked on so many different devices, so our biggest concern is people who are completely unprotected."
Sharing is showing interest
In the coming years, a combination of several emerging technologies is expected to create the foundation for new digital experiences for consumers and businesses.
At MWC 2022, for example, there was a lot of talk about the interplay between 5G, AI, IoT and edge computing, a heady mix that will enable use cases ranging from self-driving cars to autonomous factories and more.
However, this level of interaction between technologies is likely to create headaches for security professionals, Baloo said, especially if new products and services are not developed with security in mind.
"There's an organic, orgasmic coming together of technologies right now," he said. "But it will mean increasing complexity, and complexity is the enemy of security."
In a scenario like this, cybersecurity companies have the best chance of protecting their customers from attacks by sharing information about new vectors, vulnerabilities, and cybercriminal groups.
Baloo pointed to the work of Avast's threat intelligence team, which publishes regular reports breaking down its findings. A recent report looked at a spike in phishing attacks against Ukrainian companies on the eve of the Russian invasion, for example, and the previous article covered the peak of DDoS hacktivism.
When the Threat Intelligence team discovers a new strain of malware or a new attack path, Avast not only integrates protections into its own services where possible, but also offers assistance to victims and alerts the community to its findings, he explained. Baloo.
“We work with everyone you think we would compete with. There is a very healthy level of dialogue throughout the ecosystem,” she told us.
“That's why it's so much fun; we collaborate with like-minded people to take down the bad guys. I love our threat intelligence work.
When asked if there were cases where Avast would not share information, for example, if hiding information had the potential to confer a competitive advantage, Baloo nodded disapprovingly. “When it comes to information from bad guys, we share. It's that easy."
go blind
Last year, the cybersecurity news cycle was dominated by the SolarWinds attack and the Log4J vulnerability, both of which highlighted the dangers posed by the software supply chain, a source of risk that companies often neglect.
Despite the confusion surrounding both incidents, Baloo told us that he hopes to see the same thing in 2022, as the necessary lessons have yet to be learned.
"Supply chain attacks are going nowhere," he said. "The biggest problem is that we don't fully understand our potential pain points."
"We've reached a certain level of maturity in terms of the technologies we use, but we don't understand how they fit together to create areas of weakness."
It's a problem that affects both open source software and proprietary services, Baloo says. Just because the code is available to everyone doesn't necessarily mean that someone has made it with the required level of control, as Log4j has shown.
However, Baloo is optimistic that regulations requiring companies to maintain greater oversight of their software bill of materials (SBOM) could play a role in minimizing risk for their clients.
After the attack on SolarWinds, for example, US President Biden launched an executive order that led to new guidelines requiring software vendors to provide full SBOM as part of the government's software procurement process.
The United States has stopped requiring suppliers to provide SBOM to all customers, but the practice is expected to become more common and, at a minimum, new regulations will raise the profile of risks related to the supply chain.
the next frontier
Cybersecurity companies are not only tasked with anticipating the types of attacks that could threaten customers in the short term, they must also look further and further afield.
Another developing technology area that is expected to have a significant impact on the cybersecurity landscape is quantum computing, which happens to be an additional area of expertise for Baloo, who advises the World Economic Forum on the subject.
Quantum computers solve problems in a completely different way than classical machines, exploiting a phenomenon known as superposition (whereby subatomic particles exist in multiple states at once) to perform certain calculations several times faster than is currently only possible. possible.
Although the world's most powerful quantum processors currently offer too few quantum bits (qubits) to establish a significant advantage over traditional supercomputers, the maturation of quantum computing will create several problems from a security perspective.
More importantly, large-scale quantum computers will have enough power to crack modern cryptography. Therefore, it is a mistake to assume that information protected by encryption today will remain secure for years to come. State-sponsored threat actors may already be collecting large amounts of encrypted data in hopes of one day gaining access to it.
“Quantum computing will answer fundamental scientific questions like a needle in a haystack,” Baloo noted. "But we'll be screwed as soon as we have a quantum computer capable of breaking current encryption."
"To reap the benefits of quantum computing, we need a new set of cryptographic algorithms that are unbreakable even with a quantum computer. As a cybersecurity community, we need to have a forward-thinking defense, so we are ready to meet this kind of challenges
Again, this is a problem that security firms will need to collaborate closely on in the coming years, both to develop new secure quantum algorithms and to push through regulation to ensure that the most vulnerable parts of the economy are "quantum ready." .
In a scenario where quantum security technologies do not develop at the same rate as quantum computers, the foundations of modern cybersecurity will be compromised.
And time is running out, Baloo warned.