I just got back from nearly a week at Gartner’s flagship Security Summit at National Harbor. It was crazy busy but luckily it was also very motivating to speak with so many security colleagues who have similar professional interests. There’s nothing like face to face communications when it comes to brainstorming industry issues.
Here are my main takeaways:
It’s become crystal clear over the past year that the EDR (endpoint detection and response) market has bifurcated into serving two separate audiences:
- Lean forward organizations with threat hunters and skilled (and available) security resources who want to use EDR data (and other data sets) for threat hunting and investigations.
- Mainstream organizations who want more visibility and detection built into their endpoint protection products because they realize endpoint prevention fails to block many types of threats, especially those that are file-less.
What does this mean for EDR? Option A EDR is all about the data; Option B EDR is all about the features, as Oleg Glebov of Kaspersky Labs aptly summarized when we discussed it during the conference.
I delivered a pitch on endpoint security and described what leading solutions for mainstream endpoint security buyers look like in 2018:
During the pitch, I reviewed three vendors that exemplify this architecture but most of the endpoint security vendors are either building towards this architecture or already have.
Vendors who are ahead of the game are already clear on their future roadmaps. Their far ranging plans varied from:
- Becoming the ubiquitous endpoint agent and enabling other security vendors to interact with their agent and cloud-aggregated data, or
- Migrating their technology to ‘something else’ as they prepare for a radically different environment whereby endpoint security is baked into the OS (Think Microsoft Windows 10 and beyond ….)
The conference was significant for me personally as I transit into covering ‘all things Blockchain’, and migrate away from a ‘security-only’ focus. It was motivating to discuss blockchain technology with so many practical, smart, seasoned, and generally skeptical security professionals.
I was pleasantly surprised to see them embrace the application of blockchain technology to identity. Universally, each colleague I spoke with quickly attested to the value of blockchain identity and made comments like “I can easily see how it will happen.”
I’m nearly convinced it will indeed ‘happen’ in about five years or less. Since at least 2000 when Microsoft tried to launch Microsoft Passport, I’ve been highly skeptical about multiple consumer identity schemes such as federated identity, and federated identity authentication based on OATH, SAML and other standards. I just didn’t see the business issues being addressed with those technologies but have started seeing them addressed with blockchain tech. Technology has never been the impediment to success; instead the business case and liability issues always stood in the way.
I’m already seeing some very promising projects on blockchain identity in practice today. The most exciting one for me is one I read about in my alumni magazine “MIT Technology Review”, coincidentally when I was flying over to Israel last month. See Inside the Refugee Camp that runs on Blockchain
The United Nations World Food Programme (WFP) recently implemented a blockchain identity project called “Building Blocks” for Syrian refugees who lose their ‘official identities’ when they are forced to flee their homes. The WFP gives these refugees new identity records on an Ethereum blockchain, so that food assistance is disbursed directly to the refugees by reimbursing their food purchases at their refugee camp in Zaatari Jordan.
This cuts out corruption – some say about 30% of international aid is lost to corruption – and has already reduced their bank and payment fees by 98%. Not all the program is based on blockchain technology. For example, the refugees make payments by authenticating their identities via biometrics that are enrolled when they register, and which are not stored on the blockchain. By the end of 2018, Building Blocks will likely cover all 500,000 refugees in Jordan. It already assists well over 100,000.
To me – this is a perfect use case for blockchain, which is best for cutting out middlemen and enabling people who don’t necessarily trust each other to work together.
The hope and thought is that over time, a refugee’s identity will become more reliable as it is continually used for various transactions without issues or fraud at the refugee camp. And at that point, the identity record will help a refugee reestablish him or herself in mainstream society, for example by having enough history to qualify for a loan or for a bank account.
Many vendors are pursuing this identity space, such as 1Kosmos, Civic and uPort. We are following these blockchain vendors in our research as well as the use cases and technology of blockchain identity.
The Gartner Security Summit is by far my favorite security event on the planet.
Maybe in the future, a blockchain smart contract will be managing my schedule. Probably not, but that would certainly help the stressed scheduling staff, unless there’s a mistake in the smart contract code — in which case I wouldn’t know how to correct it, at least not until someone forks the chain 🙂