SmarTown™ independently researches information on cyber breaches and advances in cyber security technologies designed to protect critical infrastructure. Topics focus on solutions for securing utility, power grid, transportation, gas and oil applications. This blog features articles from cyber security expert Larry Karisny with reports from top security specialists around the world. To continue the quality of this unbiased and thoroughly researched information please donate and comment.
The Race to Cyberdefense, Artificial Intelligence and the Quantum Computer
The power grid, oil and gas, and even existing telecoms are perfect targets for funding and development of these technologies.
been following cybersecurity startups and hackers for years, and I suddenly
discovered how hackers are always ahead of the rest of us — they have a better
business model funding them in their proof of concept (POC) stage of
begin protecting ourselves from their well-funded advances and attacks,
cyberdefense and artificial intelligence (AI) technologies must be funded
at the same level in the POC stage.
however, traditional investors not only want your technology running, they also
need assurances that you already have a revenue stream — which stifles
potential new technology discovery at the POC level. And in some industries,
this is dangerous.
the fast-paced world of cybersecurity, in which companies are offered
traditional funding avenues as they promote their product's tech capabilities
so people will invest. This promotion and disclosure of their technology,
however, gives hackers a road map to the new cyberdefense technologies and a
window of time to gain knowledge on how to exploit them.
same road map exists for technologies covered in detail when standard groups,
universities, governments and private labs publish white papers — documents
that essentially assist hackers by giving them advanced notice of cyberdefense
addition to this, some hackers receive immediate funding through nation states
that are coordinating cyberwarfare like the traditional military and others are
involved in organized secret groups that fund the use of ransomware and DDoS
attacks. These hackers get immediate funding and then throw their technology on
the Internet for POC discovery.
HOW NOT TO DO CYBERDEFENSE
project that strongly makes a case for rapidly funding cyberdefense
technologies in an effort to keep up with hackers is the $5.7 billion U.S.
Department of Homeland Security's (DHS) EINSTEIN cyberdefense system,
which was deemed obsolete upon its
deployment for failing to detect 94 percent of security vulnerabilities.
As this situation illustrates, the traditional methods of funding cyberdefense
— taking years of bureaucratic analysis and vendor contracts — does not work in
the fast technology discovery world of cyberdefense. After the EINSTEIN project
failure, DHS decided to conduct an assessment — it's currently working to
understand if it's making the right investments in dealing with the
also has other roadblocks, as even large technology companies and contractors
with which DHS does business have their own bureaucracies and investments that
ultimately deter the department from getting the best in cyberdefense
technologies. And once universities, standards groups, regulation and funding
approvals are added to these processes, you're pretty much assured to be headed
for another disaster.
doesn’t need to develop these technologies itself. The department needs to
support public- and private-sector POCs to rapidly mature and deploy new
cyberdefense technologies. This suggestion is supported by what other countries
are successfully doing — including our adversaries.
MAKING THE CASE FOR POC FUNDING
same two things that have motivated mankind all through history — immediate
power and money — are now motivating hackers, and cyberdefense technologies are
taking years to be deployed. So I'll say it again: The motivational and funding
model of cyberdefense technologies must change. The key to successful
cyberdefense technology development is making it as aggressive as the hackers
that attack it. And this needs to be done at the conceptual POC level.
concern in cyberdefense (and really all AI) is the race to the quantum
computer technologies can’t be hacked, and in theory, its processing power can
break all encryption. The computational physics behind the quantum also offer
remarkable capabilities that will drastically change all current AI and
cyberdefense technologies. This is a winner-takes-all technology that offers
capability with absolute security capabilities — capabilities that we can now
BARRIERS TO CYBERDEFENSE POC FUNDING IN THE U.S.
most recent funding source for hackers is Bitcoin, which uses the decentralized
and secure blockchain technology.
It has even been used to support POC funding in what is called an Initial Coin
Offering (ICO), the intent of which is to crowdfund early startup companies at
the development or POC level by bypassing traditional and lengthy funding
avenues. Because this type of startup seed offering has been clouded with
scams, it is now in regulatory limbo.
states have passed laws that make it difficult to legally present and offer an
ICO. While the U.S. seems to be pushing
ICO regulation, other countries are still deciding what to do.
But like ICOs or not, they offer first-time startups an avenue of fast-track
funding at the concept level — where engineers and scientists can jump on newer
technologies by focusing seed money on testing their concepts. Bogging ICOs
down with regulatory laws will both slow down legitimate POC innovation in the
U.S. and give other countries a competitive edge.
barrier to cyberdefense POC funding is the size and technological control of a
handful of tech companies. Google, Facebook, Amazon, Microsoft and Apple have
become enormous concentrations of wealth and data, drawing the attention of economists and academics who
warn they're growing too powerful. Now as big as major American
cities, these companies are mega centers of both money and technology. They are
so large and control so much of the market that many are beginning to view them
as in violation of the Sherman Antitrust Act. So how can small
startups compete with these tech giants and potentially fund POCs in areas such
as cyberdefense and AI? By aligning with giant companies in industries that
have the most need for cyberdefense and AI technologies: critical
BIG COMPETITION FROM BIG PLAYERS
industries that are most vulnerable and could cause the most devastation if
hacked are those involved in critical infrastructure. These large
industries have the resources to fund cyberdefense technologies at the concept
level — and they would obtain superior cyberdefense technologies in doing so.
to critical infrastructure could devastate entire country economies and must be
protected by the most advanced cyberdefense. Quantum computing and artificial
intelligence will initiate game-changing technology in both cyberdefense and
the new intellectual property deriving from quantum sciences. Entering these
new technologies at the POC level is like being a Microsoft or Google years
ago. Funding the development of these new technologies in cyberdefense and AI
are needed soon — but what about today?
quantum computer capabilities will also demand immediate short-term fixes in
current cyberdefense and AI. New quantum-ready compressed encryption and
cyberdefense deep learning AI must be funded and tested now at the concept
level. The power grid, oil and gas, and even existing telecoms are perfect
targets for this funding and development. Investing today would offer current
cyberdefense and business intelligence protection while creating new profit
centers in the licensing and sale of these leading-edge technologies. This is
true for many other industries, all differing in their approach and requiring
specialized cyberdefense capabilities and new intelligence gathering that will
shape their future.
must find creative ways of rapidly funding cyberdefense technologies at the
conceptual level. If this is what hackers do and it's why they're always one
step ahead, shouldn't we work to surpass them?