UNIT 15 – The Future of Cybersecurity: The Threats Grow

With IT in our lives being ubiquitous, the emergence of the Dark Web along with
identity theft and phishing, the development of bots and augmented soldiers, and
the growing importance of cyberwarfare, the need for cybersecurity specialists is
only going to grow. Let’s look at what three authors in the field of cybersecurity have
to say (please note that these articles are edited and paraphrased. Please follow the
links for the complete article).

“The Future of Cybersecurity”

February 10, 2017 | By Domenico Raguseo
Security Intelligence
https://securityintelligence.com/the-future-of-cybersecurity/

As organizations develop and adopt technologies related to big data, cognitive

computing, and the Internet of Things (IoT), cyberthreats are growing in both
volume and complexity.

The race is on to secure these systems and devices before black hat hackers figure
out how to exploit them. Here are three important themes for the future.

The Power of Big Data

Massive amounts of data are produced by a rapidly growing number of devices. The
equation is very simple: More devices means more data, both structured and
unstructured. Widespread mobile adoption has led to the rise of social networks,
which generate even more data. Data scientists have developed ways to use this
information in advertising and marketing campaigns. But what happens if
cybercriminals get their hands on this data? With such power to influence the
public’s behavior, the consequences could be dire.

That’s where cognitive security comes in. With machine learning, IT professionals
can process threat data more efficiently, and more accurately predict criminal
activity. This is just one of the many ways in which cognitive computing will shape
the future of cybersecurity.

Securing the Internet of Things

Security professionals are very good in protecting servers and traditional mobile
devices such as smartphones, but what about cars, refrigerators, thermostats and
other home automation gadgets? Even more importantly, can they secure medical
equipment in increasingly connected hospitals?

Cybercriminals commonly hijack connected devices to form botnets in efforts to do

distributed denial-of-service (DDoS) attacks against high-profile websites. It is
becoming even more important for users and enterprises to properly secure their
devices. Device manufacturers should build effective security controls into their
products, and organizations should conduct exhaustive application security testing.

Looking Ahead for Industries

In the past, SCADA (Supervisory Control and Data Acquisition) was secure by
nature, inaccessible to outside parties by using proprietary protocols. Reductions

131
UNIT 15 – The Future of Cybersecurity: The Threats Grow

in cost and productivity, however, have caused the market to use standard protocols
and interfaces that make SCADA systems vulnerable. For this reason, identity and
password management are critical.

Shaping the Future of Cybersecurity

While these threats pose a significant challenge to IT professionals across all areas,
the need for solutions will only increase as technologies such as cognitive
computing, big data analytics and the IoT further develop and influence our
increasingly connected world in unprecedented ways.

***

What Will Cybersecurity Look Like 10 Years From Now?

Sep 14, 2017, 12:55pm
Answer by Gil Shwed, Founder and CEO of Check Point Software Technologies
Ltd., on Quora
Forbes Magazine
https://www.forbes.com/sites/quora/2017/09/14/what-will-cybersecurity-look-like-10-
years-from-now/#16786d226e6e

The future of cybersecurity is tightly connected to the future of information

technology and the advancements of the cyberspace. While I personally have never
taken the liberty of predicting the future, it is clear that the role of cyber will become
even larger in our personal and business lives.

Today, most of our critical systems are interconnected and driven by computers. In
the future, this connection will be even tighter. More decisions will be automated. Our
personal lives will use virtual assistants, and IoT connected devices will be part of
almost every part of our daily lives. Connected cars will make our daily commute
easier, and almost all of our personal data will be in cloud computing, where we don’t
fully control the dataflow and access to the information.

In the coming ten years, nation-sponsored organizations will continue to develop

cyber-attack technologies for defense and offense; financially-driven criminal
groups will continue to look for ways to make money from cyber-attacks; hacktivists
will continue to use computers to send their messages; terrorist groups will also shift
to cyber space; and finally – people with no apparent motive, who seek to
demonstrate their technical skills, will continue “contributing” to the attacker
ecosystem.

So overall, we will see systems that are smarter, sophisticated, able to handle large
populations and large amounts of data, systems that can update themselves rapidly,
that can take decisions in real time and that connect to shared-intelligence centers
that will keep us guarded.

Finally, as far as the general public is concerned, I believe that keeping ourselves
cyber secure will become as commonplace as keeping our physical safety. If today
we all know to lock our doors at night, put on our seatbelts when driving, and use a
helmet when hopping on our motorbikes, in ten years from now the same level of
awareness will be given to ensure we are also digitally secure.

132
UNIT 15 – The Future of Cybersecurity: The Threats Grow

***

“8 cybersecurity trends to watch for 2018”

By Michelle Drolet, star Advisor, Contributor, CSO | DEC 11, 2017 7:15 AM PT
IDG CONTRIBUTOR NETWORK
Opinions expressed by ICN authors are their own.
https://www.csoonline.com/article/3241242/data-protection/8-cybersecurity-trends-to-
watch-for-2018.html

As we stand on the threshold of another year, the war for our cybersecurity rages
on. There have been many data breaches in 2017, most notably for Equifax,
Verizon, and Kmart. But if you seek a silver lining in the cloud, perhaps you’ll be
glad of the news that the global average cost of a data breach is down 10 percent
over previous years to $3.62 million, according to the Ponemon Institute. Sadly, the
average size of a data breach increased nearly two percent. Clearly there’s still
plenty of work to do. Here are some of the trends, challenges and threats that await
us all in 2018.

1. Ready for the General Data Protection Regulation (GDPR)?

The European Union’s new GDPR explains how companies should process, store,
and secure the personal data of EU citizens. The GDPR will be enforced from May
25, and infringements can cause fine of up to 20 million euros ($23.6 million at the
time of writing) or 4% of the total worldwide annual turnover of the preceding
financial year.

2. AI and machine learning can boost cyber defenses

As artificial intelligence and machine learning increases and starts to impact more
and more industries, it is sure to play a bigger role in cybersecurity. Because the
battle with cyber criminals moves so quickly, machine learning models that can
predict and accurately identify attacks swiftly could be a real help for InfoSec
professionals. In the year ahead, these models need to be trained and honed.
However, there is also a risk that AI and machine learning may be exploited by
attackers.

3. Be proactive about ransomware

Ransomware has been a growing threat for the last few years, but it continues to
claim high profile victims. It’s not yet clear what everyone learned from the
WannaCry ransomware attacks, but we hope that it highlighted the need to back up
regularly, keep patching and updating systems, and strengthen your real-time
defenses.

4. Handling data breaches gracefully

It may prove impossible to eradicate data breaches completely, but every
organization has the power to lessen the blow by handling the aftermath correctly.
Equifax gave us a masterclass in how not to handle a data breach this year. By
delaying disclosure, misdirecting potential victims, and failing to patch a known
vulnerability, it made a bad situation much worse.

133
UNIT 15 – The Future of Cybersecurity: The Threats Grow

5. The IoT is a weak link

As more and more sensor-packed, internet-connected devices are produced, the
Internet of Things remains a major weak point for defenses. All too often these
devices lack basic security features, or they are not properly configured and rely
upon default passwords that can give attackers easy access.

6. There’s still a skills shortage

The lack of skilled cybersecurity professionals continues to be a major problem for
many organizations. Even with average InfoSec salaries soaring, there are
thousands of vacant positions.

7. Developing a common language

While the threat of multiple attacks, there are also positive developments in the
cybersecurity, not least of which is the creation and adoption of NIST’s
Cybersecurity Framework. As more organizations and cybersecurity experts come
together to develop a common language, our collective defenses grow stronger.

8. Patching and application testing

It’s not shiny or new or exciting, but it should still be the most important. The number
of data breaches in 2017 that were made possible by known vulnerabilities and a
slow approach to patching is inexcusable. It’s not enough to identify problems – you
must correct them. Application testing is too often ignored. If you don’t test your
security, then you don’t know how secure your application is.

***

As you can see, the problems for the future are many, and they are basically the
same problems we have now. By learning all you can about cybersecurity, to can
ensure a rewarding, lucrative career in the future.

FACTOID: SilverBull, a full-service IT and cybersecurity recruiting and staffing

company based in the US recently published figures for chief information security
officer (CISO) salaries. They state that the average median CISO salary is $204,000
as of January 9, 2016

134
UNIT 15 – The Future of Cybersecurity: The Threats Grow

VOCABULARY
TECHNICAL
augmented (adj) - збільшений /
увеличенный
big data (n) - великі дані / большие
данные (серия подходов,
инструментов и методов обработки и
анализа структурированных,
полуструктурированных и
неструктурированных данных
огромных объёмов и значительного
многообразия для получения
полезных на практике,
человекочитаемых результатов)
bot (n) – бот / бот (программа,
автоматически выполняющая какие-
либо действия через те же
интерфейсы, что и обычный
пользователь)
botnet (n) – ботнет / бот-сеть (сеть из
компьютеров ('зомби'), зараженных
ботами, способная управляться
удаленно для выполнения
массированных действий (рассылка
спама, проведение атак отказа в
обслуживании и т.д.)
CISO (Computer Information
Security Officer) – Співробітник
(Офіцер) інформаційної безпеки /
сотрудник (офицер) службы
безопасности
cognitive computing (n) - когнітивні
обчислення / когнитивные
вычисления
cognitive security (n) - когнітивна
безпека / обеспечение
информационной безопасности с
использованием СИИ
configure (v) – налаштовувати /
настраивать; конфигурировать
cybercriminal (n) – кіберзлочинник /
киберпреступник
NON-TECHNICAL
accurately (adv) – точно; безпомилково;
ретельно / в точности; строго
annual turnover (n) - річний оборот /
годовой оборот
collective (adj) – збірний; колективний;
спільний; сукупний / собирательный;
коллективный
commonplace (adj) –
загальноприйнятий / неоригинальный;
банальний
commute (v) – поїздка на роботу та у
зворотному напрямку / поездка на
работу и обратно (оособ. ежедневно из
пригорода (на пригородном поезде или
на машине)
consequence (n) – наслідки;
наступництво / следствие; последствие
critical (adj) – критичний; вирішальний;
поворотний / критический; решающий;
стратегически важный
dire (adj) – страшний; жахливий;
зловісний; крайній / предвещающий
несчастье; угрожающее (положение)
emergence (n) – виникнення; поява; /
появление; крайняя необходимость

135
UNIT 15 – The Future of Cybersecurity: The Threats Grow

cyberwarfare (n) – інформаційна ensure (v) – забезпечити; ручатися;

війна; кібервійни / война в страхувати / обеспечивать;
кибернетическом пространстве; удостовериться
ведение боевых действий в
кибернетическом пространстве;
военные операции с целью
достижения информационного
превосходства над противником
data breach (n) - порушення даних / financially-driven (adj) - з фінансової
уязвимость данных точки зору / в финансовом отношении
data scientist (n) – вчений, який gracefully (adv) – корректно; витончено;
працює із даними / учёный, граціозно; елегантно / достойно;
работающий с данными корректно (выключать)
DDoS (Distributed Denial of Service) helmet (n) – шолом; каска / шлем
– Розподілена атака типу «відмова в
обслуговуванні» / распределенная
атака типа "отказ в обслуживании"
default (n) – інстальований із самого hijack (v) – захопити; відбирати
початку (початкове налаштування) / силоміць / захватить транспортное
оператор, устанавливаемый по средство
умолчанию exhaustive (adj) – виснажливий;
вичерпний / истощающий;
исчерпывающий
digitally secure (adj) - цифровий hone (v) – відточити; гострити / точить;
захист / цыфровая защита
GDPR (General Data Protection impact (v, n) – міцно закріпляти;
Regulations) - Загальні правила ущільнювати / вплив; імпульс //
захисту інформації / Общие правила оказывать влияние; воздействовать
защиты данных
identity theft (n) - крадіжки особистих inaccessible (adj) – недоступний /
даних / хищение персональных недоступный
данных
InfoSec (INFOrmation SECurity) - inexcusable (adj) – непрощенний / не
Інформаційна безпека / защита имеющий оправдания
информации от
несанкционированного доступа
IoT (Internet of Things) - Інтернет infringement (n) – порушення; зазіхання
речей / Интернет вещей / нарушение
(вычислительная сеть физических
объектов/«вещей», оснащённых
встроенными технологиями для
взаимодействия друг с другом или с
внешней средой)

136
UNIT 15 – The Future of Cybersecurity: The Threats Grow
machine learning (n) – із засобами
машинне навчання / со средствами
машинного обучения; обучение
машин (одно из направлений ИИ.
Обобщает результаты и идеи,
связанные с нейросетевыми
вычислениями, эволюционными и
генетическими алгоритмами,
нечёткими множествами и др.)
patching (n) – виправлення; зміна
програми за допомогою коректування
/ внесение вставок (в программу);
восстановление после повреждения
phishing (n) – фішинг / "фишинг"
(преступная деятельность интернет-
мошенников, действующих под
видом благонадёжных компаний и
юр. лиц, с целью незаконного
получения секретной информации:
паролей, данных кредитных
карточек, логинов...)
SCADA (Supervisory Control and
Data Acquisition) - Наглядовий
контроль та збір даних / управление
и сбор данных
virtual assistant (n) - віртуальний
помічник / виртуальный цифровой
помощник
137
lucrative (adj) – прибутковий; вигідний /
прибыльный
masterclass (n) - майстер клас /
показательный урок
nation-sponsored (adj) – держава-
спонсор / государство выступающее в
качестве спонсора
proactive (adj) – активний /
превентивный
proprietary (adj) – патентований;
приватний; приватний / коммерческий;
патентованный
recruiting (adj, n)- рекрутинг;
вербування / подбор кадров
rewarding (adj) – корисний; що
винагороджує; добре оплачуваний /
дающий результат; награждение;
носящий результативный характер
seat belt (n) - пасок безпеки / ремень
безопасности
sensor-packed (adj) - упакований
датчиком / оснащенный сенсором,
датчиком
shared-intelligence (adj) - спільний
“інтелект”; спільне використання
інформаційних ресурсів / обмениваться
(секретной, разведывательной)
информацией
UNIT 15 – The Future of Cybersecurity: The Threats Grow

silver lining (n) – позитивний момент,

втіха у чомусь складному, безнадійному
/ что-то хорошее в плохом (нет худа без
добра)
soar (v) - височіти над чимoсь;
підноситися / парить; высоко летать
structured/unstructured (adj) –
структурований / неструктурований //
упорядоченный / лишённый структуры
thermostat (n) – термостат / реле
температуры
threshold (n) – контрольні параметри,
поріг; переддень / граничное значение;
предельная величина
ubiquitous (adj) – повсюдний; широко
розповсюджений / повсеместный;
повсеместно распространённый
vacant (adj) – вільний; незайнятий /
вакантный
vulnerability (n) – вразливість /
уязвимость

ACTIVITIES:
1) What is the Internet of Things and what are its vulnerabilities?

2) What do you think will be the biggest cyberthreat in the future and why?

3) How would you go about addressing a cyberthreat?

4) Explain how can AI be exploited by cybercriminals?

Vocabulary exercises

Exercise 1. Match the word / phrase with its definition

1) cognitive a) intending or intended to produce a good result or avoid a

problem, rather than waiting until there is a problem
2) denial b) producing much money or making a large profit
3) default c) difficult or impossible to reach
4) cyber warfare d) in a smooth, relaxed, attractive way
5) breach e) very serious or extreme
6) theft f) happening or seen frequently and so not considered
special or unusual
7) acquisition g) happening once every year; relating to a period of one year
8) annual h) the act of obtaining or beginning to have something, or
something obtained

138
UNIT 15 – The Future of Cybersecurity: The Threats Grow

9) commonplace i) the act of taking something that belongs to someone

else and keeping it; stealing
10) dire j) an act of breaking a rule, law, custom, or practice
11) gracefully k) the use of the internet to attack an enemy, by damaging things
such as communication and transport systems or
water and electricity supplies
12) inaccessible l) a standard setting esp. of computer software, such as
of type size or style
13) lucrative m) the act of not allowing someone to do or have something
14) proactive n) connected with thinking or conscious mental processes

Exercise 2. Fill in the blanks with the words / phrases from the vocabulary of the
Unit.

augmented botnet configure phishing soar proprietary

infringement

1) She _________________ her income by taking a second job.

2) Computer security experts warn that ______ programs are evolving faster
than security firms can respond.
3) Some software can be _________________ to prevent children from giving
out their phone numbers on the internet.
4) _______________ emails can look as if they come from a real bank email
address.
5) The popularity of such jobs has ____________________ in recent years.
6) This is __________ software, and you have no right to copy it without
a license from the owner.
7) The report argues that the penalty for online ______________ of copyright should
be increased.

Exercise 3. What does the abbreviation/acronym stand for?

1) DDoS
2) SCADA
3) CEO
4) GDPR
5) CISO
6) IT

139
UNIT 15 – The Future of Cybersecurity: The Threats Grow

Grammar

Exercise 4. Focus on QUESTIONS. Study the tables below and write

down your own examples in your notebooks.

Questions Yes / No answers Wh- Questions

begin with an auxiliary or modal verb begin with a question word (who, what,
(is, are, do, does, have, can, must, will, where, why, when, whose, which, how,
etc.); etc.)

Is he a student? How do you get to the Academy?

Your own examples

Who is used without a noun to ask about Who wrote this book? Your
people. own
example
Whose is used to express possession. Whose bag is that?

Which is used: Which one do you want to

- for people, animals or things alone or start with?
before nouns, one / ones or of;

- when there is a limited choice of Which is your car – the red

answers; one or the blue one?

- with the comparative and superlative. Which activity is easier for

you - writing or speaking?

140
UNIT 15 – The Future of Cybersecurity: The Threats Grow

What is used: What country do you come

- alone or before a noun to ask about from?
things;
- for people, animals and things when What kind of applications can
there is an unlimited choice of answers; you use?
- in these patterns:
What …. like? What did you used to like to
What … for? do on the computer when you
What color …? studied at school?
What size …?
What kind / sort …?
What time …?
What is she like?
What is it used for?
etc.

What and which are sometimes both What/Which subjects does

possible. she teach?

Where is used to ask about a place. Where do you live?

When is used to ask about time. When are you leaving?

Why is used to ask about the reason Why are you late?
why something happens / happened.

How is used alone or before an adj./adv. How good is he at math?

How long is used to ask about a time How long have you been
period. studying English?

How often is used to ask about How often do you have

frequency. English classes?

How much is used with uncountable How much time do you spend
nouns. on your homework?
How many is used with countable How many hours a day do
nouns. you work?

141