The transformation that most networks are currently undergoing is far larger, and more impactful, than most people recognize. IoT devices, cloud computing, and rapid business application development have accelerated the collection and distribution of Big Data. And the data centers tasked with mining that data to drive business agility and responsiveness even further are adding AI and Machine Learning to make that possible. The result is hyperspeed, hyperconnectivity, and hyperscale all growing at an exponential rate.
All of this lays the foundation for things like smart cars, smart buildings, smart cities, and smart infrastructures – including smart transportation, power grids, and manufacturing. And the growth of faster and smarter mobile devices and new edge computing models powered by 5G are going to accelerate all of this even further and faster as billions of new edge environments are added to and interconnected across a global network of networks, both public and private.
In this new environment, humans simply cannot move fast enough to add security as an afterthought, especially when edge networks are often ad hoc and increasingly temporary. If we intend to protect data, personal information, and critical infrastructures from cybercriminals in a constantly shifting environment, cybersecurity must be a fundamental feature of every product and system from the moment that it is conceived, enabling it to automatically interoperate, expand, contract, and scale in real time.
To achieve this degree of deep security integration – something absolutely essential to achieving and maintaining a truly digital society and economy – cybersecurity leaders need to address four fundamental challenges:
1) Sharing Information in Real Time
Attacks can penetrate a device or network in the blink of an eye, exploiting even temporary gaps in security due to non-integrated security systems struggling to catch up to dynamic changes in network connections and infrastructure. In today’s on-demand world, speed is fundamental to an effective cybersecurity strategy. And to make that challenge harder, an increasing percentage of the growing volume of internet traffic is also now encrypted.
Speed is critical, and it depends on being deeply integrated into the devices and systems being protected. But speed alone isn’t enough. It also requires visibility, and that requires access to threat information in near real-time. Sharing threat intelligence between devices on the same network is essential, but even that isn’t enough. Information sharing also has to occur between organizations and entities that have been traditionally isolated. Today’s cybercriminals do not recognize political or geographic boundaries, and our new digital economy has become so deeply interconnected by technology that cybersecurity and global security have become the same thing. As a result, no organization, public or private, can have a complete view of the entire cyber landscape and actively defend against cyberthreats unless we are all actively sharing threat intelligence.
2) Wide and Deep Collaboration
“Collaboration enables the good guys to create a hive mind, to learn rapidly, constantly expanding our competency and capacity. If organizations or states do not learn from one another, the same attacks will needlessly take down countless entities.”
This collaboration needs to be both wide and deep. Wide because everyone is engaged in a common conversation about cybersecurity and addressing our common enemies. And deep because conversation alone isn’t enough. We need to work together to deepen our collective knowledge by collaborating on threat intelligence sharing, collaborating on education, and collaborating on the next generation of cybersecurity technologies augmented by machine learning and artificial intelligence.
3) Building a Common Vision
For information sharing and collaboration to be effective, we must all have a singular vision and commitment to building a truly global integrated cybersecurity strategy. This relies on both public and private organizations that may otherwise have competing interests uniting around the common goal of mutual protection – something akin to NATO, which is based on clearly defined fundamental principles.
“This vision for integrated cybersecurity must be comprehensive and inclusive, anticipating the next actions of cybercriminals rather than solely reacting to them. Just like NATO has well-trained armies and constantly evolving battlefield strategies, the common vision must be operational and must look at how best to address the technical challenges of effective cybersecurity.”
This needs to be a global effort, where cybersecurity education and training becomes part of everyone’s educational development. We are facing a growing cybersecurity skills gap that threatens the very existence of our fledgling digital economy, and we need a strategy that spans public and private organizations to educate individuals to be more aware of the risks of functioning in a digital world, while nurturing the future generations of cybersecurity professionals we very much need. Without such efforts, we will not have enough experienced soldiers to fight this war.
4) Promoting the technology platform, we need to make this work
For the vast majority of the world’s digital infrastructure, cybersecurity was never part of the design. This must change, and it starts by understanding the underlying challenges.
First, cybersecurity requires massive amounts of computing power, often more than any other networked system.
“From now on, most products, devices and infrastructure should have this additional computing power designed in. Furthermore, the cybersecurity capabilities inside the devices must fit into an integrated platform that distributes workloads over the layers of a system.”
Next, the network needs to be self-defending, and not rely entirely on purpose-built security devices. This security-driven networking strategy changes many of the traditional assumptions of networking.
“Instead of looking only for the fastest path, security-driven networking takes the risk of each path into account and moves traffic over the fastest safe path. To make this work, the networking devices all need to share information about the speed and the risk of each network path.”
A centralized approach to security is also no longer a viable option. Robust security needs to be provided across the distributed network, combined with low latency and high performance – especially with the deployment of 5G networks. This can only happen when security is built into every device, enabling them to automatically detect, correlate, and collaborate with other devices to create and maintain a web of security across dynamic environments that are in constant flux.
And finally, we need to invest in machine learning and artificial intelligence to increase our ability to correlate all of this data, detect anomalies and threats, respond in real time, and share new intelligence back into a common repository to make everyone safer.
Moving towards a protected world
“Regardless of industry, vertical market, and geography, industry and government leaders have a responsibility to guide us toward a safer world. In a climate permeated by lack of trust and poor cooperation between established industry leaders, the only winners are cybercriminals.”