I was recently asked to write a piece on cybersecurity for the Washington Times. Below is my article:
‘Zero Trust’ computer policy: A timely solution
Challenges posed by cybercrime are one of the most frightening threats our country faces today.
In recent years, we have had a reactive approach to cybersecurity. We hear about it when an organization has been hacked or sensitive information has been released. Organizations, companies and our government agencies should not simply be reacting when a cybercrime has taken place, but instead need to be proactive.
In order to be proactive, however, the main challenge from which all other cybersecurity issues stem needs to be identified. The United States, along with the entire world, is seeing a global cyber catastrophe that is causing us to reconsider how to establish a network defense. Now more than ever, cybercriminals have access to advanced technologies that put people at risk. That means our government agencies need to establish better defenses.
We have heard of retailers, financial institutions and health care organizations experiencing major hacks, which is why it was disheartening to see that in the 2017 U.S. State and Federal Government Cybersecurity Report, government institutions were listed among the “bottom performers,” scoring lower than retail, health care and information services. I believe that is due to a misidentification of the underlying cybersecurity problem.
The real problem stems from an outdated “computer architecture” that was developed without knowing how today’s cyber connection would look and operate. This obsolete foundation is essentially why cybersecurity attacks take place.
Our defenses are no match for these security breaches. Our computer architecture has reached its ceiling. There was no way the developers and engineers who designed it 40 years ago could have envisioned how the internet and the impact of global connection would facilitate such cyberthreats. With the development of the internet, the demand for more computing capabilities and programs overshadowed the computer architecture.
I have had the opportunity to work alongside experts within the cybersecurity industry who also believe the computer architecture is the main issue at hand. Ed Brinskele, the CEO of Vir2us, has said that IT professionals are dependent on what the “experts” determine are the best practices or defenses for cybersecurity.
“The difficulty is that there has been a significant failure on the part of solutions providers to recognize that a keeping-the-bad-guys-out approach reveals a failure to correctly identify the problem,” Mr. Brinskele said. “Once the checkpoints in these solutions are bypassed, they provide virtually no security. This is known as an outside-in and top-down approach and is a fundamentally flawed strategy. As a result, these solutions only address the symptoms of a much more fundamental design problem.”
To address these newfound security challenges, antivirus and firewalls were created to provide somewhat of a Band-Aid. These solutions are not good enough to combat the technology that is available to cybercriminals.
Our outdated architecture is a sinking ship. There are a number of holes in the boat, and we keep trying to patch it up instead of rebuilding it so we can float. These patches include heuristic algorithms and whitelisting, but even these solutions continue to fail. They simply cannot withstand the constant and ever-changing threats.
Additionally, it is virtually impossible to attempt to pinpoint threats from a list-based strategy. Every day, these lists evolve and develop. There is no way to stay current on possible threats or attacks.
“Antivirus and firewalls are list-based solutions and can only deal with known threats. In today’s world of morphing viruses and malware, these solutions are less than 27 percent effective,” Mr. Brinskele continued. “[A leading consumer cybersecurity firm] recently said that their average time to identify threats and update lists is more than nine months. In a challenge that is moving at the speed of light this is problematic. While combating challenges moving at the speed of light, that solution is unacceptable.”
Not only do these outdated solutions consistently fail, they are also extremely inefficient. It has been reported that these “legacy solutions” can consume up to 80 percent of network bandwidth capacity and computer processing power. These inefficiencies negatively impact revenue and productivity. According to the U.S. Government, global businesses and institutions lose over $1 trillion annually fending off cybercrimes and attacks.
Implementing a “Zero Trust” policy or architecture would be significantly more practical and successful than trying to fend off possible attacks by fighting to stay current on a list of emerging threats. With a Zero Trust architecture, the “Known” list is manageable and can be maintained.
As cyberthreats continue to unfold, we need to take a hard look and consider improving our computer architecture. A new approach and a radical change within the cybersecurity industry need to take place in order to provide dynamic security.