cybersecurity leaders are beginning to call for a move from reactive detection
to proactive prevention. It’s clear that the need to get ahead of the cybersecurity
curve is real.
past decade, experts talked about the number of days that malware is in your
system, and now the discussion is fast becoming how many seconds you have
between detection and disaster. There is no longer time to call the boss, check
your files or phone a friend. Victims are literally watching their systems
being taken over, and they are powerless to stop it despite massive budgets and
plans. Clearly, spending on an arms race with dollars, people and technology is
not an effective long-term solution. We need a different approach.
proactive prevention, the concept behind this move toward flipping the script
and finally getting ahead of our adversaries.
Why are we
talking about this now? With both attacks by state actors and insiders
recording big year-over-year increases, and total breaches continuing to rise,
organizations around the world are feeling the bite in significant ways.
Reports of big dollar losses, operational losses and businesses being held
hostage occur almost every week. In many of these successful attacks, the
malware is simply moving faster than the defensive systems. Defense that still
requires a human to look at a screen, perform a quick analysis, make a
recommendation, get approval from above (for most big responses like shutting
down a service) and then make 100% of the code changes necessary to enforce the
modification is simply proving too slow. When malware strikes today, even if
it’s been sitting covertly for months, it strikes with a speed and alacrity
that renders defenses moot.
biggest reason we’re finally going proactive is that the technology is finally
ready to make these long-held concepts a secure reality. Artificial
intelligence that learns to predict rather than react, microsegmentation that
can efficiently switch to more defensive postures in a heartbeat, and
behavioral biometrics that can provide trusted identities well beyond those of
ancient passwords or a handful of multi-factors are finally real, available and
just beginning to make a difference.
talking about this now because it can finally work now. Today, large-scale
energy providers are predicting attacks before they happen, and immediately
quarantining key resources while the coming attack is studied. Today, companies
are microsegmenting their key divisions and departments so that when (not “if”
anymore) a ransomware attack gets in somewhere, it won’t be able to spread
laterally and take down an entire organization. Today, companies are using
dozens of behavioral biometric markers to determine identity, like which hand
you hold your phone in or which car seat you sit in. And this number will soon grow
to hundreds of markers, making an even more trusted identity possible.
House’s National Cybersecurity Moonshot focuses on four key technologies that
will lead the way to faster response times. These technologies are: 5G
communications to connect our world and deliver massive waves of new data;
augmented intelligence to provide the speed and agility to bring real-time
trusted decisioning to that data; behavioral biometrics to provide identities
that stand up to the deepest fakes; and quantum resistance that will withstand
the coming generation of computers that can all-too-easily decrypt today’s
secrets. These four technologies, when applied to the latest security theories
of Zero Trust and proactive prevention, can be the building blocks for
enterprise security that provides the trust and predictability of
alone is not the answer, and a successful shift in strategy from reactive to
proactive requires strong pillars of support to be foundationally established
within an organization. Executive
behaviors must change to accept that the goal is now to minimize and contain a
breach, not to stop each and every one from happening. Education of your
security teams and overall workforce must change, getting beyond platitudes and
“other people’s” jobs to truly understanding their roles as front-line attack
vectors. Your ecosystem of suppliers must change, flowing down real security
guarantees with checks and consequences. Corporate policy must change to allow,
encourage and reward stakeholder involvement, and privacy systems must be
trusted and respected to ensure maximum engagement.
may seem daunting for your organization, it is becoming the best-of-breed goal
to work toward today. It can start with your board of directors, flow through
your executive teams, permeate both front and back office business functions,
and run deep into HR and purchasing departments. These groups must be equal
partners in your overall successful move to a proactive defense that provides
the predictability and peace of mind required to thrive in today’s hostile
are being used to attack us and our critical infrastructure. Adversaries are
employing artificial intelligence and machine learning against us.
Organizations can’t continue to move at their current pace to address
cybersecurity threats. They need to accelerate, automate, embrace advanced
technologies and take a Zero Trust approach.
By Tom Patterson, Chief Trust