
AI, threat actors, and trends: BeyondTrust's Morey Haber Dives into Cybersecurity Realities

In conversation with Morey Haber, Chief Security Advisor at BeyondTrust.

The interview features Morey Haber, Chief Security Advisor at BeyondTrust, sharing insights on his journey into technology and cybersecurity, the transformation of the cybersecurity landscape post-pandemic, the impact of AI on security systems, key considerations for organisations in 2024, and the top five trends shaping the cybersecurity space.  

Haber’s rich background, from his early introduction to technology to his current role in cybersecurity, provides a unique perspective on the industry’s evolution and future challenges. 

Tell us how you got into the field of technology and cybersecurity. What has your journey been like? 

I was introduced to technology at a very young age. My very first computer was a Radio Shack Colour Computer with 16k of RAM, and I spent an entire winter teaching myself how to program in Microsoft Basic (fun fact — I still have that computer). About one year into my journey, at the age of 15, I received my first paid contract to design a program to help plot the tenderness of muscles using a pressure sensor coupled to a computer. From there, I knew I was destined to be in technology and software.

While I studied electrical engineering at the State University of New York at Stony Brook, I continued to focus my talents on software. I obtained my first job after college, creating a database for tracking hardware failure rates for military flight and training simulators. At the same time, I started my own business doing PC consulting and succeeded with that endeavour for almost a decade.

As opportunities and fate flowed, I was asked to join Computer Associates and quickly rose through the ranks until I ran a department for beta solutions. My mentor then switched companies and asked me to join him at a cybersecurity vendor, eEye Digital Security.

That was my start in cybersecurity over 20 years ago. Since then, the company has been acquired, changed names, and has had multiple CEOs. I am committed to producing the best cybersecurity solutions possible for governments and businesses worldwide. 

How has cybersecurity as a space changed and transformed in a post-pandemic world? 

The cybersecurity space has morphed into a community that now recognises that office buildings and corporate data centres are not the primary targets for threat actors. Digital transformation, work-from-home, high-speed internet, wireless-connected mobile devices, and cloud services matured during COVID-19 and are now part of the fabric of every business.

Consequently, data access, applications, and users can now virtually reside anywhere and access resources anytime.  

This transformation allows threat actors to attack the weakest and easiest link to compromise assets, users, and data and warrants cybersecurity solutions that can protect workflows regardless of user, system, and access conditions.  

Cybersecurity tools need to operate on untrusted devices and networks (whether these belong to employees, contractors, or vendors) and monitor for unauthorised authentication and authorisation outside of the physical walls of an office building and data centre.  

What has AI’s impact been in the cybersecurity space, and how can it help build better security systems? 

The impact of AI in cybersecurity has been profound from both the defenders' and attackers' perspectives. Threat actors can use AI to create more realistic phishing campaigns, merge data from previously disparate breaches to create synthetic identities, analyse systems to look for configuration weaknesses, and more.

Defenders (the good guys) can use AI to look for anomalous behaviour in various logs, provide high confidence in authentication and authorisation workflows, aid in determining impossible travel, etc.  

The sheer fact that AI can be used for both good and bad and in completely different paradigms for cybersecurity is quite astonishing, but in the end, it is a game of tug-of-war. AI has made an impact on both sides, and it will be interesting to see how this plays out and if either camp creates a residual AI technology that can force the flag solely into their camp and for how long.  

What should organisations keep in mind in 2024 while looking at cybersecurity?  

In 2024, organisations should keep in mind a few things when considering their cybersecurity strategy: 

  • Almost all cybersecurity solutions have shifted from a perpetual license to a subscription model. Organisations need to consider the long-term cost of these solutions, including caps that need to be contractually placed on any year-over-year renewal. Some vendors have extorted their clients by charging significant increases in renewals, knowing full well the difficulty a client would face in replacing the solution. 
  • The threat landscape is rapidly evolving, and organisations should consider the differences between best-of-breed solutions, best-fit solutions, and vendor consolidation when making purchases. Just because a vendor’s offering has features that meet the business requirements today does not mean it will be the right solution for the organisation tomorrow. Making the best technology decision in 2024 for the long haul is critical, and vendor selection should be a business and technical decision. 
  • All organisations will experience security incidents, and it is just a matter of time before a breach occurs. How the organisation handles that breach is crucial. In 2024, all organisations should be prepared for the worst-case scenario, practice their response, coordinate with their cyber insurance carriers, etc. We are at an inflection point for organisations, and technology has made our business dependent on electronics every day. These systems can be compromised, and how we respond to a breach is equally as important as how we run all aspects of our business from payroll to marketing. Organisations must consider this and elevate awareness before it is too late.

What in your estimation are the top five trends in the cybersecurity space?

The top five trends in the cyber security space are:

  1. It is easier for a threat actor to log in than to hack in. Identity theft and security are the most important cybersecurity disciplines all organisations should be concerned about. 
  2. AI-powered deepfake technology can barrel through traditional security controls based on voice and video. Businesses must be aware of the emerging technologies that threat actors and commercial users use to spoof identities for legitimate and illegitimate purposes.
  3. The human factor for a cybersecurity breach is very real and it is often said that humans are the weakest link for cybersecurity. Training, education, and situational awareness are crucial to stopping modern attacks. This trend will continue to worsen until all organisations take cybersecurity training seriously.
  4. AI is a revolution. The risks for data leakage, intellectual property theft, faux news, inappropriate content, etc., are unmeasurable. While businesses are learning how to safely adopt the technology for training, documentation, code development, and marketing, the usage poses a unique risk for cybersecurity. How do organisations ensure the usage is safe, falls within the company’s policy, and adheres to geopolitical regional laws? Security enforcement, as it relates to AI, must keep pace with adoption.
  5. The supply chain is vulnerable, and very few solutions can protect against supply chain attacks. While most businesses rely on SAQ (Security Assessment Questionnaires) to verify the integrity of a vendor, the verification and honesty of answers leave potential doubt for verification. We will see a bigger focus on supply chain security for vendors and ensuring they do not become an attack vector to breach the organisation.