The next big thing… huh.
If I really knew, then I’d be somehow finding a way to make the big bucks off of my foresight.
In reality, I think I can say something about what I see already starting to happen, and what I think needs to happen.
- What is already happening: automation.
So much of what we used to do by hand as engineers, is now being replaced by automated tools and techniques. Aside from the obvious applied machine learning/deep learning applications, I’m referring to the increase of programming language techniques seeping into systems and networking topics. Challenges like OS configuration and network management are getting a boost with provable, constraint based tools that take in high level specifications as input, and generate provably correct configurations as output. Manageability and configuration bugs are high on the list of TODOs for Google, MSFT, FB etc, and this is all just starting. I’ll throw in a shoutout to my friend Ratul Mahajan, who just left a long successful career at Microsoft Research to head up IntentionNet, a company that does just what I described here. - What I think should (also) happen: automated adversarial tools for recovery and countermeasures.
Security research has really focused on preventing failures, bugs, attacks. But I think that will/needs to change in the near future. Some security problems are going to be difficult or impossible to stop (hello IoT security!). Instead, I think more proactive adversarial tools are necessary that take over during and after cyberattacks, to either do disaster recovery, or countermeasures that themselves act as deterrents.