The U.S. as a country has a long-standing history of fighting for freedom from powerful authorities. Now, we are in a new fight: one that affects us not in a traditional manor such as a physical invasion, but one that is virtual. In light of this, we’re celebrating Independence Day in cyber fashion by sharing our thoughts on achieving cyber freedom.
As the flurry of breaches continues, the recent Office of Personnel Management (OPM) breach is the tip of a very deep iceberg that will ripple across our country, effecting many people both directly and indirectly. Although OPM is the most recent breach covered in the news, many people still recall the impact of others including the Internal Revenue Service (IRS), Department of Energy (DOE), Veteran’s Affairs, U.S. Navy and commercial organizations such as Sony. The breaches are broad-reaching and are effecting practically every sector globally. While the federal infrastructure needs to be fortified, we need to re-examine the problem by observing the optics of a successful breach. The playbook is all too familiar; one way or another, a bad actor is finding its way into the network. Once in with a set of valid credentials, they are finding a way to map the environment, identify high value targets and the privileged user accounts that are associated with access to it. The prize is identified and the key to access is through these elevated credentials.
These attacks are focused and are not designed to create anxiety, or let us know they can breach our environment, but to truly inflict damage on our way of life. This comes in many forms from compromised PII/PHI, to accessing critical military data, to potentially effecting the critical infrastructure that runs our county. The end result is a costly exercise in our freedoms as individuals (credit, identity theft). As citizens, these attacks compromise tactical advantage in the military space. Lastly, from a corporate and state standpoint, these attacks can bring down financial markets, power & utilities and various verticals by releasing high value content (R&D, pharma, IP, etc.) that could be sold on the black market. Bottom line, cybercrime will lead to extensive damage that could dramatically change our freedoms as a country, as a corporation or as a citizen.
If networks are being breached, even when leveraging rich analytics and real time security tools, data is still being stolen. It’s time to move the measures to a different area of the environment, the data itself. What does this mean? It’s time to encrypt everything.
Now, encryption itself is not the Holy Grail. This has been commented on by several pundits around the OPM breach as well as other events. I would agree encryption without operational control of the who/what/where/when of access is somewhat meaningless. Access-based controls along with strong cryptographic measures will take many threats off the table. Will it stop bad actors from gaining access to accounts and being in our networks? No, but it will take many threat vectors associated with SysAdmin and Root. This is all too often becoming a recurring theme of data exfiltration. Most importantly, this type of measure can work horizontally throughout the enterprise and be inclusive of the data center, cloud and autonomous servers -- a powerful addition to any layered approach to enable protection of our critical data.
Bad actors from individual groups and Nation-states will continue to attack the virtual and physical worlds. This new battleground needs to be fought with all the data security weapons we have at our disposal. My hope is that we fortify our defenses to defend our data. As a country, our personal freedoms have always been a hallmark that has defined us, and we need to demonstrate this commitment with resolve in this new battleground, and retain our freedom of our identities.
Would you like to become a defender of data? Tweet to me @Wayne42675 or visit www.Vormetric.com to learn more.