This isn’t an easy article to write, as there seems to be confusion in terminology, understanding and influence of innovation in this industry. So, to give background to my briefing, personally, I have accepted that Innovation has 2 forms; ‘The cool’ (new technology that provides insight, protection or control over areas not previously thought possible); and ‘The approach’ (innovation doesn’t have to include new colours or code, but can include methodology, or approaches that add, or increase the value of existing investments). So to that end we will separate some of the ‘Trends, Innovation and Insights’ as far as we can….. 

The main thing to accept is that sadly - but inevitably - the success or acceptance of any technology, regardless of how good it really is, has now come down to the ability of an innovator to gain investment. A good story, a great UI, a maverick spokesperson, or previous proven start-ups can often override significant investment in genuinely innovative thinking. 

Disappointed? 

Fear not, the good news is there is plenty of innovation around the enhancement, adaptation, and interoperability of existing technologies to increase our Cyber protection levels and significantly enhance our Cyber Hygiene. A great example here is solutions that focus on CSPM (Cloud Security Posture Management) and are truly ‘agnostic’. Proliferation in cloud and a tendency to invest in architectural best practices dictated by Vendors or Technology Providers ignores the wider risks. Procurement and delivery of transparent solutions that integrate with the entire DevOps cycle, including deployed applications, interconnected multi cloud and app development had previously been too complex and costly an exercise, the benefits of which seemed to be far too low down the stack against potential interruption to services and the perceived value already present in the native tooling. For me, CSPM is here, it’s here to stay and outside of you Asset Management and Vulnerability programs could be the best investment you make. 

Why do we always obsess over Cool and don’t re-invent what we know? 

Innovation doesn’t have to be exciting because in many ways – and what excites me most - what I am seeing in business process, culture and security awareness innovation could change the workplace. Listening to both Sarah Janes & Dr Jessica Barker speak to eloquently about the need for us to innovate in the human side of Security certainly made me question our commitment to the weakest link. For those of you who are not familiar with their work, I strongly recommend you treat yourself to a 5 minute ‘Google’ and get to know how they are helping businesses innovate in Human Cyber Security. 

Why haven’t you given me the name of an Innovative Technology? 

This isn’t easy, because rightly, there’s been a proliferation of ‘turning up the dial’ on Threat Detection, through integrated services and technologies across the spectrum. The lack of something entirely unique has also been threatened by the investment and acquisition cycles we are seeing, so I’m going to offer you a areas that have benefitted from, or where innovative thinking needs to be ‘applied’: 

1. Seeing the threat of Cyber-Physical Systems. IoT and OT is now around us all, with more and more services exposed to the internet (OT/IOT) but also cloud services. 

2. Going back to security basics including Asset Management and Vulnerability/Patching enablement. THIS IS GOING TO BE ONE OF YOUR STRONGEST INVESTMENTS. 

3. Invest in prioritizing visibility, integration and reduction of platforms to support faster decision making and reduce policy fatigue across Hybrid Infrastructures. 

Here are some areas that will no doubt be top of mind in the coming 18 months: SSPM, Breach and Attack Simulation, Attack Surface Discovery, Secure Service Edge, Increased Breadth and Accuracy in the delivery of Behavioural AI Protection. 

Having satiated some of your needs for innovative technology areas, I’m hoping that you are at least cognisant of where I’m headed……. Innovation doesn’t need technology – look at your teams and your business, you current technology even and seek innovation close to home. 

Jeremy Edwards

Head of Solutions & Technology 

Bytes