Back to the Future!

Back to the Future!

It's hard to make predictions about the future. But who doesn't like to make them or read them? One of my favorite movies of all time is an irreplaceable and inevitable masterpiece “Back to the Future“.

Why is this movie so special? Well, beside it’s very funny, inventive and exciting, with great casting, this movie had a great number of predictions that already came true and that will come true in the future.

For the moment, let’s switch to a cyber security space and see what we, in IBM Security, predicted in the past that is happening now and that will come in a near future. 

Most of the IBM Security predictions were around artificial intelligence, global lack of skilled security professionals, organizations’ inadequate incident response programs and overall cyber-criminal business that will keep blooming... 

A quick look at the current situation:


· Cyber-criminal business today is bigger than drug trafficking!

· Nowadays the world is missing 300K - 500K senior security professionals with a predicted shortfall of 1.8 million unfilled security positions by 2022 (source)

· IBM with cognitive Watson platform was a pioneer in bringing AI element to cyber security defense system - now it’s an industry standard;

· We can say the same for incident response orchestration and for adoption of IBM Security Resilient platform in the market.


It seems that those predictions which IBM security experts revealed in 2017 and 2018 (*) were pretty realistic and based on ongoing trends it looks like that 2019 won’t be different either.

Based on the new reference set IBM Security made last year in the South East Europe region, we can freely say that a lot of organizations shared the same view about our predictions and overall challenges that we are all facing in cyber security arena. At recent THINK South East Europe 2018 conference that was held in Slovenia back in November, we had the opportunity to hear from some of those organizations how tools from the future are helping them in a present time:


· One of the world's leading end-to-end gaming companies, IGT, explained how by employing the machine learning and AI-based capabilities of IBM® Security AppScan® application security software, the company was able to rule out hundreds of “false positive“ security issues and instead focus on a handful of specific code sections that have been fixed, allowing developers to meet their targets while mitigating security risks in the high-profile lottery and gaming industry.

· We also had the opportunity to hear experience from the Telco industry as two regional players Telekom Slovenije and BH Telecom separately shared their views on how the IBM QRadar platform became a fundamental part of their respective Security Operation Centers. The idea behind was to select the Security Information and Event Management (SIEM) platform that will not only make their organizations more secure but also offer them the possibility to become a security services provider in the market. They have chosen the security intelligence and analytics platform that has been a leader for 10 consecutive years in Gartner Magic Quadrant.

· One of the largest regional food and beverages companies in Croatia, Atlantic Grupa, explained why they chose to outsource to IBM Managed Security Services both SIEM and Endpoint protection. This is also an example how to successfully face the challenge of security skills shortage in a local market by partnering with IBM Security. The company decided to use both proven solutions and experienced expert’s support in order to protect their business.

· We heard how financial organizations are using IBM Guardium Data to address challenges like compliance and protection against internal and external threats with regards to data protection.


Coming back to the movie - Doc, the scientist, invented a car, more like a time machine, that made it possible to travel through time. Even though this was very convenient for good guys to fix some things in past or future, as you could see in the movie that car was also very dangerous in wrong hands.

Imagine what would happen if in the real world someone would take over control of your car while you are in the driver seat? Actually, no need to imagine - this is already a reality!

Modern motor vehicles often include new connected vehicle technologies that aim to provide different benefits such as added safety features, improved fuel economy, and greater overall convenience... However, with this increased connectivity there is higher risk of being hacked while this time the victim is not your personal device like mobile phone or workstation, but instead it’s your car. In this case the problem is obviously a bit bigger, as when you need to stop at a red light you want to be sure you’ll definitely be able to stop your car.

So tomorrow when you are buying a new fancy smart car, most likely you will want to know if the car manufacturer, during design and development phase, already consulted experts such as IBM X-Force Red Automotive Testing services teams who actually make it critical to implement proper vehicle cybersecurity measures.

IBM Security services and X-Force Red team are actually a well-known team of hundreds of experts and professionals around the world who tackle clients' security issues every day. Among other things they are helping clients with a broad scope of security services like: Offensive security services, Penetration testing services, Automotive testing services, IoT testing services, ATM testing services, Vulnerability management services... We were lucky to see them in the field across SEE region working with several clients.

Now for the moment let’s go back to the future. What to expect in the years to come?

My guess is that we will see more and more organizations that are looking to outsource their security either by using managed security services from SOC providers or at least outsource CISO function.

From technology point of view besides artificial intelligence that will have an even more important role in the cyber security domain, I see that IoT Security will most likely become a hot topic. As a cherry on top we will probably see something called predictive Security - to predict cyber-attacks and prevent before they happen in the future. Yes, it will be possible and I’m sure even though I didn’t ask Doc.

Human beings are still going to be the strongest and the weakest points of our defense system. Even though artificial intelligence will make our defense systems more productive and efficient, it won’t be able to replace humans as human creativity is irreplaceable.