April 2, 2014 By Larry Karisny
NSA disclosures, RSA conference scientist boycotts, University white papers and even cybersecurity supplier contest challenges are validating the weaknesses of our current cybersecurity methodologies.
The old model of "good enough security" is being replaced by a new model of "0 trust security" upon which cybersecurity must be built. Mysterious scientific encryption algorithms combined with the subjective analyses of big data is no longer trusted or even effective in offering true security solutions. And yet we are connecting an explosion of software and devices that enhance or even take over human processes.
We need to deploy cybersecurity technologies that can effectively secure the billions of application process actions, or adversaries will continue to manipulate these application-based technologies that are now the focus of new cyber attacks. The question is how.
Hackers Get It
I have watched and privately
disclosed successful attacks on wireless intelligent devices including
smartphones, automobiles, homes and power-grid infrastructure. In doing
so I was able to use what I discovered from hackers, then follow
cybersecurity industry trends and methods of stopping these breaches.
Inside breaches are increasingly being used to penetrate authentication access to systems. Process applications
software was being exploited to achieve breaches. Why go through the
trouble of breaking complex mathematical algorithms with a supercomputer
when it is much simpler to manipulate the processes and process
application software to achieve the same results?
While the cybersecurity mathematicians continue to pitch now 50 year old technologies that even MIT considers outdated,
hackers simply use the system process application actuaries or action
messages as points of exploit. There are three things we do not do very
well when securing these action messages. We do not authenticate, view
or audit these multiple message actions or the collaborative processes
that occur in a typical information technology control or business process.
Instead, the majority of cybersecurity technologies focus on the
protection of the network and data. Thus, they are not even looking in
the right place to view or audit these process actions. Hackers know
this and that is where they can most easily enter.
Securing the Process not the Algorithm
This new focus on cybersecurity
at the action of a business or control system process is becoming a
welcomed and understandable security methodology to CEOs and COOs around
the world. CEOs who understand their organizational processes and
actions do not understand how today's cybersecurity products and
services work.
While mathematicians were
making algorithms to scramble and secure data streams, the actual
security end point is in actions and collective processes. True security
is achieved by authenticating and securing the causal action of the
business or system process in real time, not securing data
transportation input and output while historically analyzing its causal
actions and processes using data analytics.
We today process multiple
software message actions without authenticating or confirming the
data-in-motion action. This is like turning the key in a car and just
assuming the vehicle control system is doing what it is suppose to be
doing. This same lack of system causal confirmation is why scientists
have been able to demonstrated how an automobile control system can be
hacked. For 0 trust security to actually be achieved, we need methods
of monitoring these software process application messages in real-time
data with a data-in-motion firewall that can view and audit the causal
messaging actions of any control system or process at the data input
level.
There are real-time anomaly-detection messaging technologies that are beginning to be recognized.
The problem in both of these solution approaches is the continued use
of mathematical algorithms which are outdated, complicated and
breachable. IoT devices often do not even have enough memory to store
these complex algorithms. We are beginning to understand that causal
actions are the real end points of cybersecuriity. We now must find new
way of securing them.
Control or Lose Control of Digital Intelligence
I
recognize the benefits of digital intelligence and the many forms it
takes in hardware, software, apps and the Internet of Things (IoT). I
like my smartphone and the software apps it runs. The problem is all
these things can be hacked and we are irresponsibly connecting and
interconnecting them without concern for security
at a pace so fast we are losing control of what these digital devices
are actually doing. We are automating without authenticating and
actuating without auditing. We just touch an icon and assume the
interconnected layers of network, hardware, software, apps and IoT are
going to do what we want them to do. Hackers know this and just find the
weakest link.
Control systems and processes
must have the capabilities to view realtime causal actions at the
data-in-motion input level. Whether an authentication breach, network
breach, data breach or software application breach, this same
methodology must be able to quickly and accurately secure billions of
application messaging actions and the interconnected processes they
activate. I discussed these methodologies in detail in my last article,
"Time for a Cybersecurity Overhaul."
Cloud applications and IoT devices today already have a bad security
track record that will only get worse if we do not change the way we
ecure these new technologies that are now at the doorstep of our digital
communities.
Conclusion
Our digital age had brought us
many wonderful technologies and I am not underestimating their
importance. But like others in this industry, I am screaming "proceed
with caution and find a way to secure this stuff before deploying it."
We have interconnected so many of these digital technologies we have
lost control of what the actual business and systems process are doing.
We are increasing the use of these technologies exponentially without
proper security procedures in place -- like a manager hiring 10,000
employees and saying "don't worry I will never check or even have the
ability of knowing what you are doing."
We do not understand the power
of technologies we use every day. Hackers do and exploit these
security technology weakness as current cybersecurity suppliers try to
improve older technologies that are proving to have outlived their
effectiveness. We can't move forward by just putting security patches on
what we have and the industry is at last coming to that conclusion.
I would like to offer my own
cybersecurity challenge. If you have a better cybersecurity methodology
to secure the projected billions of apps and IoT my not for profit has already researched
I will promote your security technology to thousands of my cyber
security contacts and submit an article disclosing your capabilities.
This much I know. We need to fix cybersecurity now or our digital age
could come to a screeching halt.
No comments:
Post a Comment