The new dawn of advanced technology is upon us.
As solutions become smarter, more agile and more pervasive, they quickly become integral elements of our everyday lives and larger organizational operations. At the same time, as technology grows more powerful, the vulnerability of data security and privacy increases along with the fast-paced developments in the tech world. And with this, a question arises: where do the current approaches fall short so that new systems could introduce ramifications?
As the amount of data increases exponentially and more companies become digital-first and data-driven, the risk of malicious attacks is higher than ever. Cyber attacks are becoming more and more ubiquitous, driven by malicious intent to take advantage of a vulnerability or weakness in a system or individuals of any company or organization. Cyber attacks result in potentially stolen, damaged and disabled assets that were accessed in an unauthorized manner. With a majority of companies keeping up with the times and relying heavily on internal networks, computers, servers and other tech solutions, vandalism in cyberspace is a real, if not looming, threat.
The consequences of cyberattacks are difficult to quantify. More often than not, the attackers deny original end-users access to the compromised assets, which disrupts business, leads to loss of revenue and can even result in potential breaches of contracts. Attackers also steal data with the goal of monetizing it, which can severely damage the company’s reputation and cost employees their jobs. But there is also a more implicit kind of damage that cyberattackers can cause: by gaining access to assets, they do silent damage with no immediate results, leading to a compounding loss over time.
In a world where hackers have become organized, share tools and have access to advanced technology like quantum computing, it’s important to tap into a combination of security approaches to ensure maximum protection.
The current approaches fall largely into two categories.
The first category involves the so-called preventive approaches, including the widely known and used firewalls, VPNs, access control, authentication, security patches, etc. The goal of this approach is to make sure that only the right person gains access to and control of the resource and information: under no circumstance can individuals who were not intended to have access to a given resource get exposure to it. If we were to compare the health of a system to the health of a human, this approach would equate to a healthy regimen — from diets to exercise — aimed at preventing sickness or disease.
The second category includes reactive approaches, such as monitoring logs and networks or, more broadly, Security Information and Event Management (SIEM) technology. This approach allows for the creation of centralized tools fit for easily identifying and responding to security incidents based on comprehensive bird’s-eye-view monitoring of overall IT security. The approach continuously monitors and uses alerts to identify and isolate compromised resources such as computers, networks or systems to perform damage control. Following the same analogy of system health versus human health, this approach is similar to closely monitoring weight, temperature and other vitals to identify signs of sickness. If traces of illness are identified, the outcomes range from going to the hospital to resting at home and taking the necessary medicine.
With both approaches widely used and relied on globally, there is still a piece missing from the security puzzle that will help bridge the security gap, which continues to widen by the day. What the two approaches do not provide is a so-called immunity against cyberattacks – or rather, a safe harbor to protect key assets from system breaches and hacking. And this is where the decentralized approach comes in.
In the traditional cybersecurity world, the cornerstone of digital privacy has been encryption that is highly dependent on protecting the encryption key. The effectiveness of encryption comes down to its proper implementation — from using a proper initialization vector to choosing a key randomly or not reusing a key. Because key management is often in the hands of the users themselves, there is always a risk of making a mistake in the encryption implementation process that can result in encrypted data becoming easily accessible to attackers. Because the encrypted data itself contains all the protected information, there is always the looming risk of it being accessed through socially engineered attacks, insider attacks or even brute force.
The third and powerful method — the decentralized approach to security — circumvents the traditional need for an encryption key to minimize the risk of compromising the protected information. Techniques from this approach split the data into multiple pieces, making it nearly impossible to reconstruct unless a quorum of splits is used. Since the full scope of data is not accessible, the attackers have no chance of accessing it, which makes the system quantum-proof and immune to all breaches.
So what can companies do to put up a strong front against malicious hackers?
The first step would be to continue making investments in protecting systems rooted in both the preventive and reactive approaches. In addition to these tried-and-true methods, it is also important to begin tapping into systems immune to data breaches and invest in the decentralized approach to security for a more holistic strategy. It is also important to continuously crowdsource and cooperate on the creation of databases on various attacks and tools to combat them, whether locally or internationally. An organized approach to cataloging attack cases will help devise the most optimal strategy in facing the increasing threats of cybervandalism.
Originally published in Forbes