Black Swans and Cyber Security

10952640496?profile=RESIZE_400xFirst coined by Lebanese-American thought leader Nassim Nicholas Taleb, the term “black swan” refers to unexpected global events that have a profound effect on society. Some are beneficial, like the invention of the printing press; and others are destructive, such as the subprime crisis in 2008.  But they have all altered the course of history.

In recent years, we have bore witness to a surge of black swan events, and they continue to emerge in real time.  They have affected every facet of our lives, and this rings true in the world of cybersecurity.  By analyzing these recent events, we can better map out our industry’s evolutionary processes to predict where cybersecurity is heading next.[1]

The COVID-19 pandemic set the stage for innovation.  It’s unquestionable that one of the most significant black swans of recent memory was the beginning of the COVID-19 pandemic in 2020.  One of the direct results of this global crisis was the transition to work-from-home practices, and with it came an overwhelming incentive to migrate a significant portion of our digital activity away from physical data centers to the virtual cloud workspace.

This was a matter of decentralization versus centralization - Prior to the pandemic, centralizing an organization’s digital assets in one physical location that could be protected with a traditional security perimeter was considered standard practice.  But during the pandemic, it became a liability, and organizations rapidly decentralized to move assets like business-critical applications and databases to the cloud.  But this adjustment altered hackers’ attack vectors, requiring completely different defenses.

The decentralization of digital assets introduced new security vulnerabilities, both in the workplace and in employees’ homes, creating a significant hurdle to protecting against cyber criminals who were only growing more sophisticated and well-funded.   These hackers developed new methods, known as 5th generation (Gen V) attacks, which were multidimensional and allowed the threat actors to hit from many different angles simultaneously.

As these new cyber threats emerged, the newly-developed cloud environments also demanded security products that were easier and quicker to install, activate and maintain. All of these elements combined to create the perfect conditions for a new approach to cybersecurity, one that would require record-breaking funding.

The rise and fall of cybersecurity capital investments - The next black swan in cybersecurity came on the heels of the pandemic’s effective end (also known as the COVID-cyber-boom).  The combination of the need to protect decentralized digital assets from Gen V attacks with the need to develop new products for today’s modern environments was a powerful incentive for innovation, fostered by a macroeconomic environment where interest rates were low and liquidity was high.  It is unsurprising that in 2021, more than $20 billion in venture funding was invested in cybersecurity companies globally, a new record. Venture capital firms were eager to get involved in this expanding industry.

As a result of this free flow of cash, cybersecurity start-ups experienced meteoric market valuations, resulting in the emergence of many unicorns. While these valuations certainly represented their potential, they were often inaccurate representations of the companies’ actual worth.  And with these investments came an onslaught of new cybersecurity products available to CISOs, providing a level of variety previously unheard of.  But as the market was flooded by companies with inaccurate valuations, a bubble was created.  And unfortunately, we know how bubbles end.

The final black swan actually involved three events in 2022: an increase in interest rates, a global supply chain crisis, and the war in Ukraine. This was a perfect storm for a worldwide recession. Capital and market valuations, which both seemed so abundant just a year before, seemed to fall off a cliff, and as a result, the growth so easily sustained in 2021 experienced a huge slowdown.

Currently, we are left in a troublesome situation.  Amid a decline in innovation investments, assets continue to be decentralized, the Gen V attack surface still exists and organizations need an end-to-end solution.  As such, some predict that in the next 18 months, the industry will experience extreme consolidation to strengthen the defensive line of cybersecurity products and provide a comprehensive solution.  This means consolidating similar products under one roof to create an end-to-end solution that empowers CISOs to deliver a layered model of protection.  Rather than relying on the founding of new companies, this will be accomplished through mergers, acquisitions, or partnerships.

The challenge here is one of execution, and the gravity of these sorts of integrations for large organizations looms large.  There are real and valid concerns around these sorts of unifications.  What if large organizations with deep pockets absorb start-ups and rob them of their agency and agility, essentially stamping out any capacity for innovation before they can hit their stride?  Any advantages to be gained by the acquisition will be lost if they effectively squash these competitive differentiators.

To prevent this, organizations must tread carefully to grant the acquired start-ups a high degree of autonomy without any added bureaucracy or friction.  Only by guaranteeing these freedoms can large organizations harness start-ups’ ability to develop, test, and deploy solutions with advanced precision and speed.  This will likely require strategic organizational restructuring, wherein an individual who understands how to balance the needs of a start-up with the wealth, size and goals of a large organization can act as a trusted go-between between leadership and the start-up team.  This is how larger organizations can reinvent themselves to rise to the occasion brought about by a series of black swans.

On the start-up side, these entrepreneurs need to ensure that their new parent organization aligns with their vision for growth.  They should establish a roadmap for the next two or three fiscal years to set expectations on both sides.  With all parties united in their goals, cybersecurity organizations can provide a modern, end-to-end solution to decentralization without forcing the industry to rely on venture funding that simply no longer exists.

Black swans are driving positive change in cybersecurity - The digital decentralization of 2020, industry growth of 2021 and inevitable bust of 2022 have been a whirlwind of events in just three short years.  But their challenges and opportunities will move us forward to a more cyber secure world.  After a rapid succession of black swans that have irreversibly shifted the course of our industry, the technological and economic evolution of cybersecurity is progressing in a positive direction toward a brighter future.

Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization.  For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@wapacklabs.com             

Weekly Cyber Intelligence Briefings:

  • Reporting: https://www. redskyalliance. org/   
  • Website: https://www. wapacklabs. com/  
  • LinkedIn: https://www. linkedin. com/company/64265941   

Weekly Cyber Intelligence Briefings:

REDSHORTS - Weekly Cyber Intelligence Briefings

https://attendee.gotowebinar.com/register/5504229295967742989  

[1] https://venturebeat.com/security/black-swans-events-are-shaping-the-cybersecurity-present-and-future/

E-mail me when people leave their comments –

You need to be a member of Red Sky Alliance to add comments!