Welcome to visit NetEase Cloud Community to learn more about NetEase’s technical product operation experience.


“Knowing Things from Learning” is a brand column created by NetEase Yunyi Shield. The words come from Han Wang Chong’s “Discussion balance · Real Knowledge”. People are superior to each other in ability. They know the truth of things by learning, and then they are wise. They do not know without asking. “Know Things by learning” hopes to bring you harvest through articles of technical dry goods, trend interpretation, character thinking and precipitation, but also hope to open your horizon and achieve a different you. Of course, if you have a good cognition or share, you are welcome to contribute by email ([email protected]).


Here is the text:


Technology is moving at a rapid pace, and IT moguls from major web companies are sharing their insights on the security landscape for 2018.


1. Oliver Tavakoli, CHIEF Technology Officer of Vectra:


Extortion attacks tend to occur based on motivation. Ransomware as destructive attacks will increase, online games will become a new battlefield. In essence, controlling networks of companies or industrial plants has become as valuable as controlling energy, which will continue to encourage hacker groups to attack. However, the financial gains from ransomware will be reduced because victims pay less.


Data penetration based on cloud storage will become mainstream. In the IaaS and PaaS cross sections, we see the penetration of sensitive data. And organizations often do not know that their data has been stolen, and the virtual form of traditional security products will not be able to eliminate this threat.


AI will become the protagonist of network security. Cyber security is an arms race in which the weaker party will use asymmetric means to achieve its goals. Just as some hacking groups are using machine learning and AI to improve their cybersecurity attacks, attackers are using machine learning to speed up the process of finding vulnerabilities in commercial products, with the end result being more new vulnerabilities for attackers. Ai will also increase the number of qualified cybersecurity professionals as it lowers the barriers to entry into the industry.


The return of the worm. Worms will once again play their role as a fast spreading method of malicious payloads. Worms can bypass firewalls and phishing control to easily access enterprise networks.


James Lee, EvP and CMO, Waratek:


In 2018, I expect that we will develop more aggressive and effective defense tools and technologies, IoT and IIoT attacks will likely encounter more threats a year from now. Moreover, the European Union’S GDPR came into effect in May 2018, so security companies need to look for new opportunities in terms of new requirements for data/system protection, breach notifications and penalties.


3. PJ Kirner, Illumio co-founder and CTO:


Our public PII will come back to haunt us: our identity is no longer ours, but shared. Personally identifiable information (PII) is no longer valid because much of it has been breached in recent years and everyone needs to admit that they have been breached and that the attacker has more personal information than ever before. As a result, we will begin to see new types of attacks that take advantage of the rich PII that is publicly available. Given plenty of PII collected data, it may be weaponization on main entities (such as government, finance, health care system, etc.) on a large scale attack, and they provide rich data for individual users may create a unique complex phishing/social engineering attack those who can’t distinguish from the real world.


Companies will recognize that security needs to be more holistic, and that requires a cultural shift: companies are just getting started with security and generally start at the top. Now, everyone in the organization plays a role in security. Organizations must recognize that safety must be an integral part of the corporate culture and must give it the highest priority.


Ai security vendors need to shift technology to results: Vendors that advertise AI will eventually realize that customers want results, not just glitzy marketing. Companies that sell AI-powered products need to find a quantifiable way to start showing results, rather than simply coming up with their solutions, and those that do will become industry leaders.


The desire to quantify risk is growing: we are already starting to see a shift from qualitative risk measurement to quantification. IT teams are being challenged more rigorously and need to demonstrate the return or effectiveness of their activities in order to answer questions about security costs and their impact on the overall security of the organization. This is especially true when we move from passive to active mode for safety.


Some security “best practices” will emerge in the dead zone: New deployment patterns like the cloud and containers will cause organizations to abandon patch management as security control, and replacing newer virtual machines or containers will be easier to patch. These same dynamic and distributed deployment models make chokepoint firewalls, or those that rely on traffic diversion, subject to increasing differential-segment controls that provide security measures that vary as dynamically as the environment they support.


4.Carson Sweet, CTO and co-founder of CloudPassage:


The Cloud Security Alliance (CSA) defines Shadow IT as “the investment and deployment of technology that takes place outside an enterprise’S IT department, including cloud applications adopted by individual employees, teams, and business units.”


Shadow IT: Every enterprise wants to be more competitive, and shadow IT is more and more accepted by people. Enterprise dependence on Shadow IT will explode in 2018, and hackers will also launch cyber attacks on these resources. Organizations need to develop comprehensive shadow IT policies and strategies or the consequences will be severe.


State-sponsored cyberattacks will come: put simply, cyberspace is the new arena of transnational conflict. There are several reasons for this: Attacks on U.S. infrastructure are expected in the near future, our lives are increasingly dependent on technology, and technology protection is increasingly challenged. These problems have been around for years, but they have independently reached tipping points and caught in a perfect storm.


Sol Cates, VICE President of Technology Strategy and CTO, and Jim DeLorenzo, Solution Marketing Manager, Thales eSecurity:


Network security shifts to microservices. Microservices have undergone a major shift in technology, gaining popularity over the past few years and becoming the starting point for any newly designed application. Now organizations are beginning to invest more broadly in this framework. In 2018, we’re likely to see more organizations looking to secure microservices. And that brings up a lot of the trust issues that security organizations raise, how do we do cryptography, how do we protect information and so on.


I am more interested in Unikernels (kernel specific technology). In 2018, we will see more interest in Unikernel, which is very similar to Docker containers and other related concepts. The difference is that unikernel maintains an operating system without a kernel, and without realizing it, the application stack will have everything it needs, while everything else is immutable. Interest in Unikernals has increased because of the reduced threat of running applications.


The evolution of clouds. There are more and more clouds as cloud providers move to the protection and security features required by enterprises and purchasers. Whether its cryptography, keys or identity, and whether the enterprise continues to invest more, still requires more control. We can expect internal users to still have a seamless experience of things in the cloud, but still be consistent.


GDPR (General Data Protection Regulation issued by the European Union). The GDPR battle is intensifying as organizations seek to address the technical issues required for legislation. Questions will need to be answered about what data exists, how to process it, how to add scale to all applications, what transformation initiatives can help achieve this goal, and so on. By 2018, technical and process coordination will have to happen. As companies rush to meet regulatory requirements, we are finding it not impossible that more sophisticated attacks will find their way into the cloud.


PKI technology is a set of Internet security solutions, PKI architecture uses certificate management public key.


Resurrection of PKI technology. In 2018, we are likely to see a revival of pKI-like technologies that have long been served separately with the same architecture and concepts. The market is interested in doing PKI in a new way, rigid lines no longer exist, and clearer separation lines are needed to establish barriers to trust.


Encryption is still a trend by default, especially data encryption for stored and used data. An important wish and requirement for enterprises and large cloud providers: key management will remain a huge challenge. The full deployment of a private blockchain consortium looks more likely and represents something that goes beyond proof-of-concept and is actually being traded, rather than just a novelty. We are also likely to see value creation move towards iot devices and then converge back into a central repository.


This article by netease cloud easy to shield compiler release, easy to shield based on netease 20 years of technology accumulation and safety data, provide Internet industries anti-spam, captcha, registered, log in protection, activity against cheating, application of reinforcement, DDoS protection, such as the overall security solutions, provide the perfect technical support all the way, power products to establish safety protection system.


Related reading:

How to Handle The Risks of Unity Mobile games

NetEase Cloud: Reddit’S CEO explains the frustration of content moderation

NetEase Cloud: Let you know the boundary of content security: Review the content supervision in 2017 and 2018


【 recommended 】 Database routing Middleware MyCat