Founded in 1998 to act as an innovation hub, Swisscom's Outpost is today a well-established player in the unique Silicon Valley ecosystem. Outpost has co-founded organizations, such as the Telecom Council, and is a trusted partner for local technology vendors, Venture Capitalists and startups. Besides managing local partnerships for Swisscom, Outpost scouts for new trends and solutions for Swisscom. Further, the Outpost runs programs where Swisscom employees and customers can work on projects in Silicon Valley and utilize Outpost's position in the ecosystem.
Earlier this year I was asked to write an article for the Swiss magazine, Handelszeitung, covering "cybersecurity today". An interesting topic for sure. I spent the last 15 years working in different roles within this space. The challenge here was figuring out where to start. And even harder, where to stop. There are literally hundreds of interesting topics to cover. With the Handelszeitung’s audience in mind, I decided to write about three things: Challenges, Trends and Solution Approaches. Working with cybersecurity scouting in the Silicon Valley and writing for a Swiss magazine, I also wanted to give a bit of a US or Silicon Valley perspective on things. Let's dig into it.
Back in April 2021, the year was still young, but Cybersecurity was already all over the news. Microsoft’s popular e-mail server, Exchange, had a vulnerability which was exploited at around 30 000 companies in the US. Besides the Microsoft incident, there was also SolarWinds. The global network management company whose software was hacked, and which resulted in around 18 000 SolarWinds clients being (potentially) breached. This included some prominent organizations, such as Microsoft and the US Department of Homeland Security.
2020 could be the year of many things, but in cybersecurity it was the year of ransomware, especially in the US. Ransomware 2.0, the somewhat newer model,
where adversaries who are not being paid the ransom threaten to expose sensitive data, became an even more lucrative business model. Many organizations had implemented backups to recover from traditional ransomware attacks, but this new approach circumvented that and put additional pressure on them to pay the ransom. This is not an entirely new model, but we saw it become more widespread in 2020. We haven't seen any decrease of ransomware attacks in 2021, where the largest ransomware demand reached an astonishing $70 million.
Challenges in cybersecurity are not solely driven by technology developments but also by trends in our society which include:
There are of course more, but these are some of the current trends that impact the cybersecurity industry in one way or another. In the Silicon Valley, we observe how these trends result in new solutions offered by cybersecurity startups, money being put on the table by Venture Capitalists and enterprises procuring cybersecurity products.
Covid-19 didn't only result in people moving to a home office, but also increased the need for information – specifically around the pandemic. And it resulted in people being fearful. These are all things adversaries used in their attacks, for example to craft even more "attractive" phishing email.
Another interesting trend with a high impact on cybersecurity is the move of data to different cloud services and away from the datacenters. And as mentioned above, the move of the employees from offices to their homes. Communication in the future, and even today in many parts of the world, is not primarily between an office and a company datacenter but between a home office and a public cloud service such as Microsoft Azure. This of course requires a new approach to cybersecurity.
Here in Silicon Valley, we see many new solution approaches and it's evident that cybersecurity is one of the busiest markets with more than 3000 active startups today. Many from the US but also an over proportional number of startups from Israel. Israeli startups generally come to Silicon Valley to be part of the Silicon Valley ecosystem. An ecosystem Swisscom Outpost in Palo Alto is also part of.
In our role as an innovation department, we interact with Venture Capitalists specialized in cybersecurity but also with cybersecurity startups and established cybersecurity vendors. Startups which we sometimes, after evaluation, transfer to Swisscom to become partners and jointly offer on the Swiss market. On the other side, we interact with security departments within Swisscom, such as product management and architects, on current trends and solutions. We also use our local test environment in Silicon Valley to run proof-of-concepts for Swisscom and test security solutions from startups and partner.
The most difficult part of writing an article about cybersecurity today is of course which trends and solutions to choose. I could have written about some of the topics we've looked at here in the Outpost such as "Shift Left" in DevSecOps to reduce the number of vulnerabilities in applications. Or supply chain attacks with SolarWinds, an attack vector which has increased in 2021. Or the importance of Managed Detection & Response in the coming years with Extended Detection & Response (XDR). Around Cloud Security, topics include Cloud Security Posture Management (CSPM) or security-as-a-service with Secure Access Service Edge (SASE). Or even the human element with security awareness or cyber ranges for training cybersecurity expert.
Here are some topics I did choose to write about:
These are some examples of trends and approaches Swisscom Outpost has identified. But one thing is for sure, the trends around how we access and manage data will increase cybersecurity risks and we need a new mindset and new approaches in order to successfully protect critical data and business processes.
Please feel free to reach out if you have any questions.
Head of Swisscom Outpost and Cloud Lab in Palo Alto, California
Find the job or career to suit you. A career where you can make a difference and continue your personal development.
What you do is who we are.