As hacker’s tactics continue to change, so must our approach to cybersecurity. Cloudflare COO Michelle Zatlyn says cybersecurity will all but disappear in the next decade.
Cybersecurity is a major point of contention right now. Attacks skyrocketed with the transition to work-from-home due to the coronavirus pandemic. Bad actors knew that there would be weak links, people connecting through strained VPNs or simply doing work on their home network with only ISP security in place. It’s put a big strain on businesses worldwide, but some experts believe that cybersecurity is going to be practically gone in the next ten years.
Cloudflare COO, Michelle Zatlyn, believes that in the future, cybersecurity as we know it is going to be a thing of the past. According to Business Insider, the Cloudflare co-founder spoke at their inaugural round table:
“I have a point of view that cybersecurity is going to be a thing of the past the next decade because I think technology is going to solve those problems,” Zatlyn said at the round table, during which the executives discussed rising challenges in cybersecurity and where the industry is headed. “We’re not there today. Today, it’s a real serious threat for businesses.”
It’s not that technology in the future will be threat-proof: Instead, cybersecurity systems will weed out bad actors earlier in their attacks, Zatlyn says.
“You’re going to get to a point where it’s almost like the water treatment filtration systems: If you’re connected to the Internet, you’re going to connect through a cybersecurity network like Cloudflare or some others,” Zatlyn said. “And we’re going to cleanse it and make sure whatever’s passing through us is clean.”Business Insider
Cloudflare is a fantastic company, they are one of the good guys trying to do the right things to help people protect themselves. However, the water filtration example is a little bit of a slanted view. It would be impossible to cleanse every single attack because the biggest weakness is in application security. Sure, you can set up WAFs and zero trust funnels and other fortified systems to protect against an attack. But the majority of attacks are through the front door, making the attacker look legitimate, and thus would not be filtered out.
Think about it. In the United States, we employ water filtration systems in every city and town on the map. States have regulations and particle counts and other chenicals that have to be filtered out before that water can be sent to our homes. We generally don’t get water-borne illnesses (there are a few that still infect us), but we do get other illnesses. Cancer, diabetes, heart disease. We get these diseases for many reasons. Genetics, diet, lack of exercise, alcohol and drug abuse, etc. So even though we have water filtration, it doesn’t stop everything. There are still areas in the U.S. which claim that chemicals in the local water have cancer causing elements due to dumping.
So when you compare the direction of cybersecurity to a water filtration system, it is important to understand that nothing is ever 100% foolproof. Those front-door attacks will look legitimate to a machine and won’t be caught by any filters in place. Or, if they are, that means you’re also filtering out other people who are legitimate users. No tool that is external will ever make bad code suddenly be good code.
Still, Michelle Zatlyn is not wrong on one thing: In the next decade, cybersecurity will look vastly different than it does today. She could be right about where we end up, but we need to caution that it still doesn’t do away with bad actors and cybersecurity attacks. It just means that bad actors will have to continue to change their tactics in order to continue their nefarious activities. Working from home has certainly sped up the need and desire to innovate and change, but as with anything really technical, it will take time. Not only time to develop, but time to test, implement and distribute. In the next decade, security will look different. Just maybe not in the way we think right now.