What will the future of cybersecurity look like in 2031?
Any one want to hazard some guesses?
Do you agree or disagree with this article or want to augment it?
So my take on Women in Security. When I first got involved in Security, 35 years ago or so, there were only about 9% of the workforce that were women. Since that time, it has grown to be about 25%. The growth is slow but a number of organizations are doing things to help the situation. In 2010, (ISC)2 introduced the first Women's scholarships. Imagine the smiles on the faces of those involved when $3000 help a young lady in Africa finished her doctorate degree in Security. Growth in the field may be slower than we would like but it is increasing. If we look at other professions, the number of women is far exceeded by the number of men.
Looking at the Medical profession (AAMC’s Physician Specialty Data Reports 2020), according to a survey shows the following:
This chart shows that even though 51% of the world's population is women, they are still underrepresented and medicine has been around much longer than Security.
IMHO, we need to start with the education system and begin exciting young ladies about STEM programs. Some great strides are being made and we are starting to see the benefits but the school system is still pushing girls into home making courses. This change has to happen at the JK to grade 8 levels and continue into high school (9 - 12).
My nickel canadian
@dcontesti I'm not sure what JK level is but from my perspective, it has to happen much sooner than that. My son just had his Kindergarten (5-6 year olds) graduation ceremony and they each had to come up on stage and tell the audience what they wanted to do when they grew up. Most, if not all, of the girls said either make-up artists, hair stylist, or fashion. The boys were saying YouTube streamers, public safety jobs, or construction type jobs.
Just my two cents as well but it seems like we're fighting against environmental factors (what's considered masculine or feminine) when it comes to things like this as soon as they are born. The hard question that we need to know as well is if there are any biological factors working against us or is it all environmental?
@tmekelburg1 Sorry JK is junior Kindergarden (usually age 4ish)
And I agree parents also need to eliminate the steroetypes.
“I don’t think things will be in the cloud in 10 years; I think things will be back to on-prem,” she said. “There will be more peer-to-peer closed networks. People will figure out how to use blockchain.”
I don't see enough development of applications and services to lead me to believe it's going back to on-prem environment. I see the opposite where in the beginning most software companies rushed to get a SaaS equivalent to their on-prem version but are just now getting around to implementing the proper security controls, e.g., MFA, redundant data centers, etc.
The State of Passwords:
Passwords will be around for a long time but most of my apps are now implementing biometrics and MFA. The key here would be to have the biometrics be the main way to authenticate and passwords being the backup just in case. Biometrics kept at a trusted IdP...is that a government agency?
The Role of AI in the Future of Cybersecurity:
"It’s eventually going to be bot versus bot. You’ll still require human intervention because humans are always needed and are at least half the solution.”
Anyone else think of the TV show BattleBots? I'll just program a flamethrower on here and we'll be good to go. Do we even have true AI now or is it just ML? Maybe we should try to achieve that first?
Data Breaches and the Threat Landscape:
I predict companies in the future will evaluate what data is truly necessary for revenue and purge what's not. Yeah, I know. Pretty optimistic of me but hey it's the future I want.
Large-Scale and Supply Chain Breaches:
"He suggested that the only way to prevent more infrastructure attacks is to pass a Geneva Convention-style digital act amongst nations prohibiting them from attacking infrastructure."
What do we do about the hacktivists that go rogue? Ukraine comes to mind here where anyone with an Internet connection can try to hack Russian sites. Would the U.S. stop someone who's attacking Russian infrastructure if we had an agreement in place? My guess would be they would hire them and want to know what vulns they're exploiting for their own use in the future.
I tend to think there'll always be a skills shortage. In an area in which newer technologies and their attendant vulnerabilities increase year on year, with new systems being introduced faster than legacy is retired there will always be a shortage of resources to do the hands on security engineering to close out vulnerabilities. Automation is less likely to ameliorate the mismatch as there isn't a commercial advantage in providing fixes for a shrinking market in each legacy technology. Tech just become EoL and organisations will continue to use it well past the point that appears prudent.