Decade Retrospective: Cybersecurity From 2010 To 2019
The Decade Cyber Went Mainstream
Yes, technically, decades begin in years that end in one, but it’s easier to say the 2010s than the 2011s. Prior to 2010, cybersecurity was an insular domain. No one really cared, until something they were using didn’t work. Devices blew up due to malware or adware, and users got annoyed when a machine disappeared to get reloaded by IT, but after the event was over, concern faded. As we entered the 2010s, most corporations acted the same way, but by 2018 and 2019, cybersecurity experts and security and risk pros became a fixture in boardrooms and newsrooms. The battle over “cyber” raged, and the resistance lost, so that’s what it’s called throughout . . . consider this our surrender as we accept defeat with grace. Let’s look at the last 10 years of notable security trends and events.
Phrase Of The Decade: “We Take Your Privacy And Security Seriously”
Everyone’s heard or read this phrase, right before a company starts explaining how something happened that violates that privacy and security. And most security and risk pros recognize that the sentence above is missing a key word: “now” — “we take privacy and security seriously now.”
Excuse Of The Decade: “Sophisticated Attackers Bypassed Security Controls . . . Etc.”
After the dust settled, what we almost always discovered is that the attackers weren’t that sophisticated. Or if they were, they didn’t have to flex too many mental muscles to get inside the environment. The combination of low-hanging fruit and living off the land provided all that attackers needed to breach the company.
Merger And Acquisition Bust Of The Decade: Intel And McAfee
The announcement of Intel's acquisition of McAfee would kick-start a decade-long trend of M&A activity and capital flooding into the cybersecurity market. Much of the activity was positive, but this one certainly wasn’t:
- McAfee failed to innovate during its seven years under Intel. This one happened a long time ago — or at least it seems that way, but it didn’t: This was announced midway through 2010. Prior to writing this down, I would have told you that this happened last decade, but nope. It kicked off our 10-year period, and what a signal it was. Intel envisioned using McAfee to embed security into hardware to create a unique competitive advantage that standalone hardware and security vendors could never match. Unfortunately, this vision never came to fruition, and Intel eventually had to spin off McAfee. Forrester called this one and we were proven right seven years later.
- Honorable mentions: FireEye and Mandiant
Watershed Moments: The Kill Chain And APT1 Report
Outside of all the breaches, no other moment defined most of the decade for cybersecurity more than the APT1 report, released by Mandiant in 2013.
- This turned cybersecurity into a spy novel and changed industry marketing. For security and risk pros, this report summarized what most of us knew: that China was stealing intellectual property from firms in the US at a rapid rate. But for outsiders, it carried them on a journey made personal, with nation states engaged in cyber conflict with personalities. Until the end of the decade, company after company would use threat intel reports as content marketing to generate leads and demonstrate their bona fides.
- The Lockheed Martin Kill Chain made cybersecurity more accessible. Every industry plays it loose with jargon, and ours is no different. This research created a taxonomy that others could use to explain what happened, why it happened, how it was classified, and, importantly, what could be done in the future about the stages of an attack. It didn’t solve the communication gap between technical and nontechnical audiences, but it did solve the communication gap within cybersecurity when it came to framing attacks.
“Best” (Or Worst) Malware
There’s no shortage of choices, but these two really stood out as examples of what defined the decade in terms of attack tools:
- Stuxnet had everything: sophistication, geopolitics, and industrial control systems. Stuxnet had books written about it and a documentary, and a General in the United States Army was disciplined for disclosing that Stuxnet was in fact a US initiative codenamed Olympic Games. Delivering Stuxnet required a combination of technical capability and HUMINT, and it provided necessary time for diplomatic channels to resolve issues.
- WannaCry and NotPetya won the title as champions of ransomware. The latter part of the decade should be known for ransomware, as it crippled telecoms, logistics, utilities, municipalities, and more. Perhaps no other malware brought the attention to cybersecurity that these two did, especially from non-cybersecurity practitioners. Despite the destruction caused, they also helped illustrate the importance of cybersecurity to the overall connected enterprise.
- Honorable mentions: PoisonIvy, Magecart, Anthem, Community Health Systems, and every banking trojan
This article originally appeared on forbes.com.