I confess. I’ve read the book Borderless Behavior Analytics – Who’s Inside? What’re They Doing? three times. I keep discovering new insights on addressing the vanishing security perimeter based on what organizations are doing in response to this challenge.
In chapter five, Robert Rodriguez , Chairman and Founder of the Security Innovation NetworkTM (SINET) , describes a number of compelling developments. SINET is an international community building organization whose mission is to advance innovation and enable global collaboration between the public and private sectors to defeat cybersecurity threats. Rodriguez’s observations are both authoritative and enlightening.
He observed that many CISOs have recognized the need to move from automation to orchestration of cyber security to enable centralized visibility and decision-making. This means putting in place an infrastructure to integrate all the monitoring, data collection, analysis, control and response components needed for a holistic and flexible model with the flexibility to adapt to future needs.
This orchestration capability can help assure comprehensive remediation of threats. Eventually, some form of attribution should be included because a number of industries and corporations are battling with this challenge. Nevertheless, in order to do proper attribution, it must become clearly mandated within the cybersecurity industry. That’s something to look forward to in the future.
In terms of other trends, Rodriguez notes that it is disappointing we’re not seeing more disruptive innovation in cybersecurity. He has not seen anyone inventing fire or the light bulb. Meanwhile, it’s a cat and mouse game. Sometimes we’re staying ahead of adversaries, and other times we’re not. What’s needed are intelligence-based solutions that can recognize the weakness in security defenses, attacker strengths and likely scenarios.
One of the inhibiting factors of dynamic innovation in cybersecurity, however, has been the rapid evolution and transformation of the Internet. Use cases rise in popularity, and quickly morph into something drastically new. Facebook is a good example. It is very different today, compared to its original incarnation. Multiply this phenomenon exponentially, and you have today’s Internet. From a cyber security standpoint, we’re trying to work backwards to fix a framework which is extremely porous. In many respects, we’re chasing a moving target.
The hope for productive change in cybersecurity lies inherently with risk takers and early adopters. These change agents are willing to take the leap of faith needed to implement next-generation security approaches, many of which are now drawing strength from analytics and machine learning models. Part of the challenge in the government sector, is that there’s no reward for taking risks. Primarily because there are no profit margins or shareholder value, no driving motivation to deliver more for less. The culture in government, therefore, is different than in the commercial world.
Nevertheless, government CISOs are increasingly looking to risk takers and early adopters in both the public and private sectors to inform their thinking and challenge their strategic planning assumptions. The book I mentioned earlier, Borderless Behavior Analytics – Who’s Inside? What’re They Doing? , is one resource where readers can hear first hand accounts of cyber security transformation projects from leading CIOs and CISOs that span a wide range of vertical industry perspectives.