For the last month or so, Dark Reading has been celebrating its 10th year of service to the IT community with a series of stories and columns remembering the decade. You’ve seen articles that called out some of the industry’s history and heard from some security visionaries on where we’ve been and where we’re going.
Today, I’d like to conclude our 10th anniversary coverage with thanks – and a look at the challenges ahead.
The thanks are for you, dear readers, who have clicked on our stories and given us both positive and negative feedback over the decade. While we have a wonderful staff – Kelly Jackson Higgins, Marilyn Cohodas, and Sara Peters -- and many great contributors, we would never have risen to the top of the industry without the people who read our content every day. You are the reason we do this job, and we thank you for your loyalty and your participation in our online community.
Over the decade, the IT security industry has achieved some great victories. Huge botnets have fallen. Some of the worst cybercriminals have been caught. Security has transcended the data center and now sits in the enterprise boardroom -- and in those hallowed halls where laws are made. The military added a fifth domain to its universe: land, sea, air, space – and now cyberspace.
Never has the work we do been so evident – or so important – as it is today. Nearly every day, we see the impact of cyberattacks through breaches such as those that have occurred at Anthem, the Office of Personnel Management, and the Federal Reserve. We’ve seen businesses lose their very lifeblood – intellectual property – and individuals lose their identities. And we’ve said a silent “thank you” on the many days that our defenses held and none of those things happened. If you’re an IT security professional, the work you do matters.
Yet, while some of you have been at your jobs for years -- even decades -- the battle to win cyberspace has just begun. Recent estimates project that cybercrime costs will reach $2 trillion by 2019. Risk Based Security’s Data Breach QuickView Report cited an all-time high 3,930 incidents in 2015, representing more than 736 million records – both all-time highs. In the US alone, more than 17.6 million people – about 7 percent of the population – were victims of identity theft in 2015. Clearly, the IT security industry has its work cut out for it in the months and years ahead.
For most of the past decade, spending on information security has increased every year – and so have data breaches and losses. From personal security to perimeter defense, many aspects of industry thinking have been thought and rethought. Yet, most experts agree that the defenders continue to lose ground against the attackers, who only need one good exploit to cause havoc in an enterprise network.
To gain back that lost ground, IT security professionals will need new technologies and new ways of thinking. Enterprises must stop looking at security in a vacuum and begin sharing information – as the attackers do so effectively. Vendors must stop inventing new, stand-alone products that solve only one problem – and don’t work together. Enterprises must stop fighting fires long enough to develop a real security architecture that goes beyond simple layering of disparate technologies. Businesses must make a sincere investment in IT security staffing and training. End users must recognize that their unsafe behavior affects not only their own data, but the entire organization.
As difficult as the last decade has been for IT security professionals, the next decade promises to be even harder. The bad guys are becoming more numerous, more sophisticated, and more prolific. And as the cost of breaches increases, the stakes are going up. Over the last decade, we’ve seen huge threats and challenges – and chances are that the next decade will make those obstacles look like a day at the beach.
At Dark Reading, our pledge is to be with you as you face those threats and challenges. Our goal is not just to bring you the news on the latest attacks, but to help you develop the defenses you need to mitigate them. Just as attackers need IRC and other online methods of communication and collaboration, so defenders need places to gather and share their experiences and their solutions. Dark Reading – in partnership with its sister sites and events such as Black Hat, InformationWeek, Interop, and Network Computing -- pledges to be such an online destination.
The last 10 years has been IT security’s greatest decade – and greatest challenge. At Dark Reading, we’re privileged to have helped you see that decade unfold – and we hope to be a light that will help you navigate the next decade as well.
- 10 Sea-Changing IT Security Trends Of The Past 10 Years
- Epic Security #FAILS Of The Past 10 Years
- The Worst Vulnerabilities Of The Past 10 Years