Rewriting the security equation in 2018

Understanding the future impact of changes to the security landscape.


It’s that time of year when you start to see the technology industry predicting what’s going to happen, reminiscing about what just happened, or warning us about what might happen if we’re not vigilant. The security industry is especially fond of materials that explore “top threats this year” and “top things to do to keep your data secure.” No matter how many educational resources exist, the problem is that while the actors may change, the play remains essentially the same. In today’s security world, it’s painfully obvious that we struggle to address the problems of keeping information safe and secure, and understanding the future impact of changes to the technology landscape in which we operate.

The challenge that lies at the heart of all the problems we face is as simple as it is powerful – we can’t keep systems secure because, at the most fundamental level, we cannot maintain a sufficiently complete understanding of all the different systems in our IT environments. It’s just too complex, and changing too fast.

Information technology delivers incredible capabilities to society and our business lives. So much so that doing business without technology has become unthinkable. Yet, as we continue building more power into the fabric of IT, and as we layer more capabilities into our information systems, the capacity for simple wetware humans like ourselves to understand what’s going on continues to diminish.

The recent disclosures of fundamental flaws in the microchips that power, well, just about everything, are prime examples. Even individual elements of our IT landscape are almost certainly more complex than can be understood by any small group of people. Add in more and more components and interactions (as we are currently doing), and organizations will quickly reach a point where no one is sure what’s going on at every level of operations. Frankly, it’s hard to tell if most of what’s out there is even working the way it’s supposed to. Businesses of all sizes and across all industries are finding that the capacity to have a common understanding of every layer of the IT stack has been defeated by the very thing we are seeking to build – advanced IT systems that drive the business.

So, how does this impact the security landscape? What does it mean for you today and tomorrow?

We have three choices. First, we can unhitch information technology from business, which is unfathomable and unrealistic. Alternatively, we could try to keep doing what we’ve been doing up to now: we can simply layer on more security tools to manage an infrastructure so hybridized in nature, so complex and so interconnected that the failures of the past will start to look like moments of shining clarity.

Or thirdly, we can get some help from big data, machine learning and analytics.

To deal with complexity that is simply too much for humans to handle, and ensure security is not compromised in any action, we need to consider alternatives that are non-human. Increasingly, technologies such as behavioral analytics are being coupled with the number crunching power of big data, and the forward-looking prognostication of machine learning and predictive analytics. These tools offer the power to sift through the complexity, and spot patterns of behavior (or changes to those patterns) that indicate a problem is occurring.

Spotting those certain devices, systems, applications or people that are behaving in an odd way has been the responsibility of security monitoring tools for a long time. And they generally do it well. The problem is that they only tend to look for things that we tell them to, and that is no longer enough as we attack the problem of securing these complex systems. We no longer have enough visibility into what could happen at every level of the systems and services upon which the business relies.

For example, it used to be that if someone logged into the network from two different sides of the planet at the same time, an analyst was able to flag an alert that one, or both, was a fake. However useful this is, it relies on the ability of the analysts to know what to look for in the first place. As the systems become more complex, the complexity of the interactions grows geometrically, surpassing our ability to plan for failure and seek out problems. Bringing together the technologies that can gather, store, process and analyze the oceanic amounts of data all these interactions generate will enable us to get ahead of what we know today, and spot the problems of tomorrow before we know they might be a problem at all.
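The two-sides-of-the-planet check described above can be written as a single hand-coded rule. The sketch below is an added example, not code from the article; the `Login` record, the 900 km/h speed ceiling, the 100 km minimum distance and the sample events are all assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime
from math import radians, sin, cos, asin, sqrt

MAX_KMH = 900.0  # assumed ceiling: roughly airliner cruising speed

@dataclass
class Login:  # hypothetical event record
    user: str
    when: datetime
    lat: float
    lon: float

def km_between(a, b):
    """Great-circle (haversine) distance between two logins, in km."""
    dlat = radians(b.lat - a.lat)
    dlon = radians(b.lon - a.lon)
    h = sin(dlat / 2) ** 2 + cos(radians(a.lat)) * cos(radians(b.lat)) * sin(dlon / 2) ** 2
    return 2 * 6371.0 * asin(sqrt(h))

def impossible_travel(events, max_kmh=MAX_KMH, min_km=100.0):
    """Return (earlier, later) login pairs per user that imply travel faster than max_kmh."""
    alerts, last = [], {}
    for ev in sorted(events, key=lambda e: e.when):
        prev = last.get(ev.user)
        if prev is not None:
            km = km_between(prev, ev)
            hours = (ev.when - prev.when).total_seconds() / 3600
            # hours == 0 means simultaneous logins: any real distance is impossible
            if km >= min_km and (hours == 0 or km / hours > max_kmh):
                alerts.append((prev, ev))
        last[ev.user] = ev
    return alerts

# Constructed sample events (not real data)
SAMPLE = [
    Login("alice", datetime(2018, 1, 15, 9, 0), 51.51, -0.13),    # London
    Login("alice", datetime(2018, 1, 15, 9, 5), -33.87, 151.21),  # Sydney, 5 min later
    Login("bob",   datetime(2018, 1, 15, 8, 0), 40.71, -74.01),   # New York
    Login("bob",   datetime(2018, 1, 15, 20, 0), 51.51, -0.13),   # London, 12 h later
    # carol logs in at 03:00 from her usual city; this rule only measures
    # distance over time, so it stays silent on anything it was not told about
    Login("carol", datetime(2018, 1, 15, 3, 0), 48.86, 2.35),
    Login("carol", datetime(2018, 1, 16, 3, 0), 48.86, 2.35),
]

if __name__ == "__main__":
    for earlier, later in impossible_travel(SAMPLE):
        print(f"{later.user}: {km_between(earlier, later):.0f} km in "
              f"{(later.when - earlier.when).total_seconds() / 60:.0f} min")
```

Only the alice pair is flagged. The bob pair is plausible air travel, and the carol events pass because the rule encodes one pattern and nothing else, which is the limitation the paragraph describes.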

The next two to three years will be a critical period for security technology. If we can build the security tools to help us poor humans keep critical business information stored in our systems safe and secure, the opportunity to really apply amazing technology solutions to real world problems will be unprecedented. If we can’t – if the big data-machine learning-analytics solutions don’t solve the problem – then it’s going to be a lot uglier than anything we could predict ourselves.

This article is published as part of the IDG Contributor Network.