A look forward to the future of blockchain and robo-violence this coming year with Duncan Jones, research and innovation team lead at Thales eSecurity.
As part of our 2019 predictions series, we sat down with Duncan Jones, who leads the research and innovation team at Thales eSecurity, focusing on emerging security threats and tomorrow’s cyber technologies, who ponders the real benefit of blockchain and the machine-on-machine “warfare” that he sees coming in 2019.
#1: Blockchain is still a solution looking for a problem.
2019 is sure to be the peak of the hype cycle when it comes to blockchain, but certainly not the peak of implementation, which remains years away. The technology is still missing mature features, such as user and key management, which are necessary to kick enterprise adoption into high gear. In fact, whenever I talk to customers who have expressed interest in blockchain,
I ask if they have a problem that requires blockchain to solve it, or a blockchain budget that’s looking for a problem – it’s always the latter. While the promise remains, I expect the hype to settle down as companies gain a greater appreciation for the complexity and collaboration required to integrate enterprise blockchain applications into everyday business.
#2: More research needs to be done to understand the algorithms making decisions about our lives.
Every day we read about the excitement and potential as algorithms continue to get smarter. We are training them to make all kinds of decisions – from what a car should do at an intersection to whether an incarcerated felon merits a parole hearing. I am a huge fan of innovation and I think we are on to something with artificial intelligence and machine learning, however, I must raise a cautionary flag. Unfortunately, with every new technological advancement, there’s someone out there with malicious intent who wants to exploit it.
One of the things that are so amazing about machine learning is the same thing that is most concerning – machines make decisions on their own. In the rush to autonomy and more advanced decision-making by machines, we need to make sure we are doing the research necessary to better understand the algorithms and how they are making decisions. Without this understanding, we can’t begin to understand how others might subvert an algorithm.
#3: A shift in the cyber arms rac — from human-against-machine to machine-against-machine.
Expect to increasingly see machine learning on both sides of the cyber battle. We have started to see such algorithms replace manual efforts to compromise systems and we will see more of it in the coming year. At the same time, machine learning technology will be used to second guess what attackers are doing and help with attack mitigation.
An enjoyable talk at last year’s European Symposium on Security and Privacy demonstrated how neural networks can crack passwords at a similar rate to expert teams running cutting-edge tools. Ironically, the same technology can be used to advise users on the strength of their password.
#4: Reconfiguring products or making new ones to take advantage of post-quantum algorithms.
The arrival of large-scale quantum computing promises huge advances in multiple fields, as certain difficult problems become much easier to solve. While the progress of quantum computer development has fluctuated – some experts don’t believe we will ever see a large-scale implementation – the prospect of a sudden breakthrough cannot be taken lightly.
Computer networks are only secure because today’s computers can’t solve certain mathematical problems. Once quantum computers arrive, the game will change and some of our existing defenses will be worthless. The National Institute of Standards and Technology (NIST) is running a competition to kick the tires on various quantum-resistant cryptography proposals ahead of time, so Internet cryptography isn’t undone by said quantum capabilities. The results may be five years away, but once the winners are announced there will be a rush to bring post-quantum products to market.
Organizations must focus on getting products ready for the era of quantum computers. The only way to be first out of the gate is if the proper investment is made now. Until we know which algorithms to support, the best approach is to pursue “crypto-agility” – the ability to easily change which cryptographic algorithms are used to secure products.
(Editor’s Note: Where did the year go? 2019 is almost upon us, and the brightest minds in the real-time analytics space are looking forward to the new year and taking their guess at where they think this space is going. Help us expand the discussion and build out the future of real-time by joining the RTInsights Brain Trust)