Zero Trust, Machine Learning, and a World in Cyber-Peril

Anybody that’s been following tech for the last few years knows that there’s no escaping the topic of cybersecurity anymore. Whenever we talk about radical technological advancements and the ways that they can better our society, we also have to think about the ways that malicious actors could turn those advancements against society. Let’s use the field of medicine as an example. Telemedicine, the internet of things for healthcare, and even driverless cars with biometric sensors are some of the foremost emerging medical technologies with public benefit; video conferencing appointments in lieu of traditional physical checkups save time and money, while mobile implants could alert, say, a driverless ambulance that the patient is in peril. Unfortunately, without proper cybersecurity measures, these same innovations could be used to steal patient data, including personal and financial information, disrupt regular healthcare operations, and ultimately put innocent lives on the line. the minute From Healthcare to Every Other Field Healthcare is an apt example because the field has already seen significant problems as a result of cybercriminals and their nefarious efforts. that phishing and ransomware attacks have been particularly effective against hospitals as “cybersecurity concerns are often overlooked by health care providers … [and] the impacts of an attack can be devastating on a practice’s operation, comparable if not worse in scope than problems associated with a disaster such as a fire.” Bradley University’s online resources mention Indeed, the that “Ransomware is potentially the worst possible hacking assault a healthcare organization can face,” especially if files and systems haven’t been backed up. Short of paying the ransom (or a “killswitch” found by accident, ), hospitals have no recourse against these particularly potent bits of code beyond saying goodbye to all the files and data they ever had — which simply isn’t an option. experts at Duquesne have stated deus ex machina as was the case with the WannaCry ransomware strain As a result of such a tumultuous digital climate, healthcare administrators must now be equipped to fight cybercrime specifically, including , according to Marylhurst University. These skills aren’t specific to healthcare administration, but to administrators, managers, and leaders in organizations the world over, regardless of the field. The problem is that cybercriminals and malicious actors always seem to be one step ahead and prey on even the slightest mistakes made by organizations big and small. recognition of potential threat types, cyber-risk management, personnel management, and crisis management The important takeaway here is that those mistakes are common and contribute to undermining data security. In fact, the infamous 2017 Equifax breach was . While plausible, this doesn’t indemnify the leaders of companies hit by cyberattacks, as it is their responsibility to make sure that their organizations are ready to take the full brunt of these attacks. According to most recent reports, they’re failing miserably. blamed upon an employee’s lone error Cybersecurity Shortcomings and the Zero Trust Model The latest surveyed over 1,000 department managers, IT specialists, and other key professionals from US companies of varying size. The results reveal that a dire 73 percent of firms surveyed face major shortcomings in cybersecurity readiness, as well as other key findings: Hiscox Cyber Readiness Report 2018 The average cost of cybercrime to organizations with more than 1,000 employees was $1.05 million, with the highest costs topping $25 million. The average IT budget of respondents was $11.65 million. 60 percent of respondents believe this spending will increase by 5 percent or more. Out of the companies making investments in further cybersecurity efforts, 54 percent indicated that employee training helped reduce breaches and incidents. Furthermore, 43 percent of US companies reported conducting cybersecurity exercises, such as phishing experiments, contributed to understanding and improving employee behavior and readiness. Unfortunately there is no technological quick-fix that currently exists which we could use to patch all of these shortcomings. What we do, however, is change our attitudes. , Centrify chief product officer Bill Mann explains that a new approach in the way we trust things could fundamentally change the cybersecurity landscape. He explains: can In an interview with TechRepublic’s Dan Patterson We inherently trust too much in our environment and our inclination to trust too many things has really led to us relying upon forms of security which are really not helping us in the new world order … We used to trust that the firewall was going to keep the bad guys out, but the reality is that the bad guys are already in our environment. Also, the reality is that we’ve got a lot of mobile workers and outsourced IT, and we’re using stats and infrastructure as a service … [and these dangers are] not residing within the walls that the firewalls were previously protecting. So that model has got to change … we’ve go to go to a model where we explicitly trust things. So instead of “implicitly trusting”, we’ve got to go to “explicitly trusting.” Mann explains further that the elements of explicit trust come down to always knowing the devices on your network, always knowing which users are on those devices, and consistently adapting your policies so that users only have access to what they need, or have the “least privileges necessary” to do their jobs. If 80 percent of breaches are truly due to compromised credentials, , the Zero Trust model could go an extremely long way in securing our organizations and the data they hold. as Mann states Machine Learning: The Magic Bullet? While no cure-all currently exists for the world’s woes, AI and machine learning have shown promise and potential as breach protection solutions. Multiple vendors have responded to the call in this regard, producing software that monitors entire networks in real time, calls attention to anomalies as they present themselves, and shuts down threats before a security breach ever occurs. cybersecurity technology I covered one such company, Darktrace, in my previous post, “ ”. The company employs what they call an “enterprise immune system”, the terminology owing to their shift away from the old “fortress mentality” that we can no longer trust. Cyber Security Trends and Threats to Watch for in 2018 “The big challenge that the whole security industry and the chief security officers have right now is that they’re always chasing yesterday’s attack,” says Darktrace CEO, Nicole Eagan, . “That is kind of the mindset the whole industry has — that if you analyze yesterday’s attack on someone else, you can help predict and prevent tomorrow’s attack on you.” in an interview with Wired Brian Beyer, CEO of Red Canary, a company that provides a similar machine learning-based cybersecurity solution, concurs that this approach is flawed. , published via Forbes, Beyer adds his two cents: In an interview with Julian Mitchell “To use the physical analogy, most businesses spend their time adding padlocks and door alarms to protect their sensitive data,” he says. “They earnestly hope that adding more tools and systems will make them better, but often times it just results in more false alarms going off. Industry stats show that only 5% of those alarms actually get investigated. We believe that cyber security needs to evolve: organizations need to be able to continuously surveil and hunt for threats and stop them quickly.” It’s only a matter of time before machine learning and automation makes up for human inefficiencies in every industry — but cybersecurity may be the field that needs this innovation the most. Until these solutions are adopted and proven effective, leaders and their organizations need to change their approach to cybersecurity, trying out Zero Trust and any other promising, legitimate, and applicable model they come across. Until then, we’ll remain at the mercy of the hackers and criminals that have plunged our world into cyber-peril.