We just came back from the RSA Conference a few weeks ago and to quote the famous American philosopher Yogi Berra: "It was deja vu all over again." The same messaging we saw in 2002 was still front and center in 2022: that it’s possible for us to stop cyberattacks.
For the past 20 or more years, the cybersecurity industry has focused on stopping hackers, criminals, and nation-states from infiltrating computer networks. We have failed, and it's finally time for a new strategy.
In today's connected world, there’s too much to manage and control. We connect with trading partners and complex supply chains. These offer unlimited “back doors” into our networks and opportunities for hackers and criminals to pounce. Building an impenetrable fortress has become impractical and unachievable.
Over the past several decades, cybercriminals have evolved and changed their strategies dozens of times. Isn't it about time we as an industry do the same?
We must finally conclude that we can't stop access to our networks, but we can lock them down from the inside so that cyber criminals feel like burglars entering an empty house with no furniture, valuables, or even walls.
It's pretty simple: no data, no theft, no ransom.
There’s a major gap in cyber protection – data becomes openly exposed once perimeter defenses are bypassed. Firewalls, encrypted systems, and anti-virus protections are often easily bypassed by cyber adversaries or nation-states. Our industry does not like to talk about this dirty little secret, but that’s the reality.
And moving to the cloud doesn’t solve all our security problems either. Data doesn't stay in clouds and needs to get shared, emailed, collaborated on with others, and stored in multiple locations. In addition, it’s not possible to process all data on clouds, leaving edge devices vulnerable to a seemingly endless array of attacks and vulnerabilities. Adversaries penetrate defenses and go undetected across infrastructure (edge devices and clouds) for months or years.
Let's change the paradigm. We need a new approach to data security that protects data in the storage device itself and at the individual file level with multi-factor authentication protection and a new method for security key creation and storage.
Take critical data and make it completely inaccessible and invisible to adversaries. Ransomware simply cannot encrypt data that hackers cannot access or that suddenly ceases to exist from the operating system's point of view. Enterprises can make life so difficult for bad actors that they'll simply go elsewhere.
It’s possible to deploy an end-to-end software and hardware solution that defeats data theft and ransomware from both physical and remote attacks by keeping sensitive data hidden below the OS layer and protecting that data with zero-trust access controls when the data becomes live. For added security, we can build firmware-based machine learning into self-defending storage systems to detect and respond to unauthorized attempts to encrypt, clone, or live boot data, even after a user logs in. Critical data can remain invisible and inaccessible to attackers at all times, forcing cyber adversaries to move on to the “next house.”
Sophisticated attackers employ specialized tactics to bypass or disable traditional protections that many of us saw hyped and advertised at RSA. By contrast, data-centric protections render sensitive data invisible and inaccessible to all unauthorized parties – even after the inevitable intrusion.
We live in a world where everything old becomes new again. The fashion of two or three decades ago has become trendy again. Cybersecurity can't live by the traditional societal norms. In cyber, old tactics and strategies are antiquated.
It's 2022: it’s no longer possible to stop a cyberattack. But security teams can eliminate the reputational and monetary damages.
Steve Nicol, chief operating officer, Cigent Technology, Inc.