Infosec innovation

By sheer coincidence, the latest issue of the ISSA Journal, released today, covers cybersecurity innovation.

Innovative approaches mentioned by various authors include:

• Machine learning, behavioral analytics and artificial intelligence;
• Deception technologies - the author describes honey tokens designed to detect malware accesses, and later hints vaguely at other emerging antimalware techniques;
• Browser isolation using virtual machines - which looks to me like an elaboration of the classic sandbox approach but perhaps I should check into that too;
• Cloud Access Security Brokers (CASBs) - hmmm, I shall be Googling that one shortly!;
• DevOps - with rapid/agile development techniques plus Continuous Integration, Continuous Delivery and microservices leading to sub-second cycle times for software updates, security testing and hardening becomes an enormous challenge. Security tools such as Docker Notary are forging new paths in the area of DevOpsSec and DevSecOps (are those the same or do they differ? More Googling required);
• International collaboration among security specialists and law enforcement has had some successes in dealing with global cybercrime rings (but is it innovative?).

It's interesting to read other perspectives given that we have been working in parallel on much the same topic. There are substantial similarities in the innovations covered, I'm relieved to note, but also differences including some that I plan to explore further - and that's a typical outcome from reading professional journals, making them valuable personal development resources.

Aside from that, I'm still slogging away on the ISO27k updates for www.ISO27001security.com I started yesterday - 60 emails done, 40 to go. 

Oh and watching the weather situation. Thanks to cyclone Debbie, torrential rain has turned piddly creeks into rivers while rivers are becoming bridge-engulfing paddock-swamping fence-mangling monsters. A falling tree has landed conveniently close to the firewood pile, so that's my weekend spoken for. Friends in Wanganui are waiting anxiously for the floodwaters to peak, again.