CB Insights Cybersecurity Trends Report identifies CryptoMove as future of data security

Security has always been a cat-and-mouse game with both defenders and attackers refining their tactics to gain an advantage. In the digital era, the complexity of this back-and-forth has reached new heights as an ever-expanding number of devices and networks carry more and more sensitive information for attackers to threaten.

For government, enterprise, and individuals, protecting data is mission critical, making targets even more valuable for attackers. As a result, the stakes continue to be raised on both sides, and it is estimated that the cybersecurity industry will be worth over $300 billion by 2025.

That figure comes from CB Insights, a market analysis firm that synthesizes information from independent experts, industry executives, and advanced machine learning to create forecasts for key sectors. The firm’s “Cybersecurity Trends” report, published on July 30, highlights emerging areas and technologies that will shape the future of information security.

In the report, CB Insights identified CryptoMove as part of the “Future of Data Security.” In today’s post, we look at how CryptoMove’s moving target defense (MTD) technology can serve the needs of “active data defense” and can promote secure operations in multiple areas identified by CB Insights as essential to the evolving field of digital security.

Active Data Defense

Protecting digital secrets has traditionally been envisioned like defending a bank vault with the hope that strong walls (encryption) and cameras/sensors (threat detection) could keep data safe. That paradigm is persistently vulnerable because it fails to recognize that as long as a target is stationary, time serves the interests of attackers. Today’s attackers are more sophisticated and patient than ever; they can lie in wait, collecting information about a system, and then identify and seize an opportunity to breach its defenses.

MTD is the opposite of these reactive and stationary data security strategies. Instead, it keeps data fragmented and constantly on-the-move, stripping attackers of the ability to effectively conduct reconnaissance and plan an attack. Instead of 1 bank vault, high value targets are constantly fragmented, sharded and re-distributed across an unlimited number of vaults—all the while mutating and changing properties as they change locations. This form of active data defense differentiates CryptoMove’s technology and makes it a critical element of the future of data security.

Container Security

The world’s biggest companies know that containerization in the cloud is the future of software. — CB Insights

In DevOps and software development, few areas have seen as much growth as container technology. Containers facilitate automation and portability along with faster and more efficient application deployment. These benefits have led to dramatic increases in the use of popular container platforms like Kubernetes.

“If you don’t know what Kubernetes is, you should know. It is the future of software. There is nothing done today that does not involve Kubernetes.” — Nicolas Chaillan, Air Force Chief Software Officer

Containerization can enhance both productivity and security, but this requires using best practices to manage the container ecosystem. A hack of the Docker Hub repository in April affected over 190,000 users, demonstrating the necessity of prioritizing container security.

Taking advantage of cloud-based containers requires managing a constantly growing profile of keys and secrets. The CryptoMove Key Vault provides an easy-to-use system for organizing those secrets backed by the power of MTD, and CryptoMove has found tremendous traction with customers who need better methods for defending Kubernetes secrets.

Open-Source Code

As open-source code makes its way into critical enterprise applications, there is potential for massive security failures. — CB Insights

Open-source code repositories create both tremendous opportunity and risk. They provide access to a wealth of code resources for enterprises of all kinds but also harbor dangers of integrating malicious code or accidentally leaking secrets.

A detailed study published earlier this year found that thousands of secrets were accidentally posted to GitHub every single day. Many of those leaks were left exposed for weeks or months. Often those leaked secrets provided information that could be used by attackers to gain access to other sensitive data.

More vulnerabilities are being reported in open-source software than ever before. According to cybersecurity startup Snyk, 2017 saw a 43% increase in vulnerabilities reported across all open source registries, and in 2018 the vulnerability count grew by another 33%. — CB Insights

Harnessing the benefits of open-source repos requires that the proper mechanisms are in place to ensure that they don’t become a liability. The CryptoMove Key Vault makes it easy to create source code using throwaway tokens in place of actual API keys and authorizations; meanwhile, the actual secrets are kept organized and protected within the vault.

This same functionality applies to other sites where sharing of secrets is perilous, including email and Slack. The CryptoMove Key Vault facilitates straightforward integration of secrets management into the DevOps workflow, allowing teams to create, delete, share, and rotate keys from a unified dashboard. This empowers those teams to maximize the benefits of open-source repos without generating security vulnerabilities.

Quantum Computing

The CB Insights report flags post-quantum security strategies as another crucial emerging area in information security. Quantum computing promises enormous leaps in processing power that will render obsolete many of the encryption algorithms that are depended on today. The challenge is that no one knows for sure when quantum computers will be usable, who will build them first, or what the consensus standards will be for post-quantum encryption.

In the face of this uncertainty, some organizations are choosing to wait it out, postponing decisions until there is more clarity about the future of this technology. Such a strategy, though, is effectively rolling the dice on the future while mistakenly underestimating present-day risks.

Forward-thinking enterprises will start developing quantum encryption strategies today, before it’s too late. — CB Insights

Quantum-resistant data protection is important today even though quantum computers are not yet in use. The reason is that attackers can employ tactics — sometimes called “steal now, decrypt later” — to exfiltrate and amass data that has encryption that will be easily cracked once quantum computers are available. In addition, organizations that wait to build their defenses for the post-quantum era are likely to be caught flat-footed and vulnerable during the process of trying to hastily implement quantum-safe systems.

CryptoMove provides a strategy that can be implemented today to prepare for the quantum computers of tomorrow. In the short-term, MTD protects data at rest from “steal now, decrypt later” attacks. For the medium- to long-term, or whenever quantum computing becomes a reality, MTD generates sufficient entropy in the data store to stymie quantum-based attacks. At the same time, CryptoMove’s technology can plug-and-play with any cryptographic algorithm, making for stress-free integration with whatever cryptographic standards are developed and codified in the future.

Data Provenance

Data provenance tools are integral to the future of data security. They can help determine if a particular piece of information came from a specific source, what tools were used to create it, and if it was modified over time. — CB Insights

The value of data is dependent on its credibility. For information to be credible, its history — or data provenance — must be known and verifiable.

CryptoMove’s technology helps to keep data safe from attacks of any kind. This includes not just data theft but also data manipulation. While the data is moving and morphing, the technology consistently performs integrity checks to ensure that the data fragments in circulation have not been corrupted. In this way, CryptoMove can form a critical part of the chain that maintains data integrity and verifies data provenance.

The Future of Data Security

Cybersecurity is one of the most dynamic segments of the technology industry. As new threats have arisen and new technologies have been developed, the field has witnessed rapid change that shows no signs of abating.

Though no one can say with certainty how the industry will evolve, the CB Insights report offers a meaningful look at trends that identify essential elements of data protection today and in the coming years. CryptoMove’s MTD technology can bolster security in vital areas — including data at rest, container security, open-source coding, quantum computing, and data provenance — leading to CryptoMove’s recognition by CB Insights as part of the future of data security.

Developers interested in trying out CryptoMove to manage keys and secrets can sign up for access to the CryptoMove Key Vault.

Also check out the CryptoMove Chrome Browser Extension to protect sensitive information in Slack or Gmail.