Doug Olenick, SC Media Editor, recently penned a blog entry, in reaction to McAfee's recent report, called, “Dad, I'm not wasting my time on Xbox, I'm studying to be a cyber pro.” While I love the idea of having potentially uncovered an entire generation of cybersecurity experts just waiting to flex their gaming skills, I'm not quite on board with the idea.
My proposed solution is one you've likely read about a lot lately: blockchain and smart contracts. These technologies allow us to redefine the economics of cybersecurity and advance the industry. The industry doesn't just need more security experts, it's suffering at an even deeper level.
Right now there are 90 million attacks annually and nearly 70 percent of emerging threats go undetected, according to We Live Security. This means, in addition to a lack of experts, we are looking at challenges with interoperability and the ability to scale to meet the needs to evolving security threats. At PolySwarm, we're hoping to fix all three of these issues—all thanks to the blockchain and smart contracts. Let me explain.
Blockchain allows enterprises and cybersecurity companies to transcend the limitations of geographic regions. Gamers aren't the solution to our lack of security experts because there's an interesting issue at play here: “Severe cybersecurity skills shortages persist in every country with Israel and UK worst affected—only in the US and Canada does the supply of job seekers exceed 50 percent of employer demand,” according to data from Indeed.com.
If we don't open the boundary lines and allow a global pool of experts to participate, we'll continue to see the same problem persist; countries, home users and enterprises left with minimal coverage, making them an easy target for attack.
In the PolySwarm ecosystem, we eliminate this limitation, allowing enterprises can scale their security teams faster. With access to security experts around the world, they have a vast pool of talent to assist in proactive threat intelligence.
Why do 70 percent of threats go undetected? Today's market does not reward interoperability, making combinatorial coverage infeasible. Instead, it incentivizes overlapping coverage among competing products, causing a duplication of cost and effort, while missing a vast majority of threats and malware.
With PolySwarm in particular, interoperability will be possible because our hope is that the large single vendor organizations, like McAfee and Symantec, will plug into the PolySwarm ecosystem. When this happens, they can provide more robust coverage for their users (including you, enterprises and every other anti-virus user).
For enterprises, this means they're no longer forced to choose the least-worst solution that somewhat fits their needs. PolySwarm's ecosystem allows for tailored intelligence that addresses their threat profile. For home users, this means they can count on more reliable coverage that keeps them safer.
Efficiency and Innovation
Smart contract technology, built on the Ethereum platform, and the decentralized nature of the blockchain, can make threat detection more efficient. A great example of this comes from within PolySwarm, where smart contracts allow us to incentivize experts to innovate, without having a middle man collecting fees or dispersing rewards.
In this way, we make the process simpler, more efficient and faster. Here's how the automated process looks: Enterprises submit their artifacts (malicious files, URLs, etc.) with a reward attached. Experts within the network can then submit their assertion on the malintent of the file. Once an assertion is determined to be accurate, that security expert is automatically rewarded.
This not only automates the threat detection process, but encourages security experts to innovate and break the mold of today's iterative threat intelligence offerings.
Gamers or Blockchain?
In my mind, it's obvious which of these two is most likely to fix our broken antivirus industry. While gamers may be more readily available, that only solves one part of this problem. It doesn't help us reduce the barrier to entry for security experts across the globe, nor does it improve efficiency, scalability or interoperability.
As the blockchain and smart contract technology evolves, and more players come onto the scene, I'm confident we'll see this new technology lead us to a safer, more secure world.