Читать книгу The Digital Big Bang - Phil Quade - Страница 45

“The convenience of IoT devices comes at a cost: a vastly expanded attack surface.”

Brian Talbert, Alaska Airlines

“The drive to connect is an unstoppable force within cyberspace.”

Chris Inglis, Former Deputy Director, NSA

Enabling and protecting safe connectivity is the core mission of cybersecurity. At its most basic definition, cybersecurity is about allowing or denying access to information. That is how information is protected. And while the extraordinary adoption of the Internet may certainly have been powered by recognition of the incredible benefits of connectivity, it comes with risk.

The triumph of collaboration and connectivity coded into the core of the Internet has been manipulated to attack it. As the connectivity of the early Internet broadened—and with it, new targets—so too did the breadth and depth of the attacks. Every cyberattacker has at least one substantial advantage. As Sun Tzu succinctly stated in The Art of War, “In conflict, direct confrontation will lead to engagement and surprise will lead to victory.” Threat actors can choose when and where to strike.

When they do attack, they strike from multiple places, focusing their multifaceted approaches on your points of weakness—discovered through relentless attempts to breach the infrastructure that houses whatever data is most valuable for their own intent.

Each attacker may learn from other attacks about what worked, what didn't, and where the valuable data resides. This is one reason attackers often hold an advantage over defenders.

An integrated defense—a staple of high-end security strategies in all other areas and fields of protection—is an often-neglected cybersecurity fundamental. Too many point solutions offer insufficient defenses that leave the network vulnerable once penetrated. Maginot Line–style defenses, no matter how sophisticated, that focus only on keeping attackers out of the network are doomed to fail just as their namesake failed in 1940—only much, much faster.

The necessity of connectivity mirrors the importance of speed in cybersecurity: Less integration creates more vulnerabilities. For effective cybersecurity, defenders should take the same integrated approach as the architects of the early Internet did (and the attackers who soon followed). The architecture that underpins security must match the cooperative fabric of flexible integration mechanisms of the Internet as a whole. Cybersecurity architects must design security that leverages the connectivity of all defensive components. By leveraging the connectivity among defensive components, defenders can field an entire team of security players from within and beyond their organizations.

Just as security must utilize and enable speed, it must also have and empower strong connectivity.

With properly designed security, defenders can achieve the core mission of cybersecurity: Enabling and protecting safe connectivity and allowing or denying access to information. Defenders who adopt such an integrated defense will gain an advantage.