These notes (permitted to be distributed without restriction) shared by Andreesen Horowitz operating partner Joel de la Garza are presented here as a resource for those interested.
- Passwordless authentication will become a greater reality – issues move beyond the number of customer support calls for password issues, to the need for major entertainment companies to maintain control on intellectual property. Large consumer websites will enable a password-less authentication for users. Which will then spread to the entire Internet.
- The greatest data breaches may be found to be misconfigured cloud services, not phishing attacks. We, the public, are often not told the real cause of those mind-blowing data breaches we read about. Evidently, the cause, on an increasing basis, is misuse and misunderstanding of configuring cloud services.
- New Cold War, will graduate from an irritation in politics to a greater threat in real life. China and Russia have given early indications that this new form of warfare will escalate. Chinese hacking groups that have been dormant have come back with renewed vigor. They are improving the operational security that keeps them hidden, masking attribution of their attacks. There has also been reason for concern about an attack similar to that on a substation of PG&E in San Jose in 2013. In other words, not just hacking for money, hacking to destroy infrastructure. Serious warfare.
Other security issues of less developed substance:
- AI exists only in the laboratory, not in the realm of cyber security. At least, not yet.
- Industrial IoT disruption likely will move toward reality. Hackers seeking to disrupt industries that use IoT through vulnerabilities in cloud infrastructure and hardware.
- Face recognition software will be hacked, forcing those organizations what are using this software for on-site security to employ behavior-based systems of security.
- Security trust ratings will be developed as organizations seek assurances that partners and supply chains are trusted partners who have fully adapted cyber security protection. Those who try to get by with less than full security measures will fail.
Technology seeking to keep from imploding on itself. A real cliff-hanger!