The moment you start to spend time reading about the latest developments in cyber security, it’s when you’ll find yourself remaining awake the entire night following the recent developments. The topic of cyber security can be fascinating as hackers target nearly everything from airplanes, cars, medical devices, TSA locks to voting booths.
What’s more cybersecurity is now big business. It is becoming increasingly hard to come across a successful business that does not quite appreciate the numerous benefits of IT support managed services. This is, in part, why many IT firms have surfaced offering business organizations tact and strategies they can use to stay hidden from hackers’ radar.
However, the bigger picture is the most frightening. China is alleged to have hacked every major company in the U.S. Edward Snowden leaks revealed that the US government has participated in major national and international cyber crimes. Lastly, the Ponemon Institute alleged that the identities of 110 million Americans were compromised in 2014.
This clearly indicates how the system is broken as it is not protecting the citizens, companies or the government. The worst is, nobody seems to know how to protect it.
How Did We Get Here?
“You have nothing to worry about so long as you keep bad actors and bad software out of your system.” This is one of the deceptive truths that have driven much of the cyber security industry down the rabbit hole.
Malicious actors target endpoints, that is, the devices connected to a network as a way of breaking into the network. Network security, on the other hand, protects these devices with firewalls, passwords, and certificates, thus creating a secure perimeter to secure the entire system.
Achieving this was not a challenge in the early days of the internet and online threats. However, most private networks are having a challenge in this because they have too many endpoints to provide enough security.
The security model remains focused on perimeter defense because no one knows how to protect the entire system. For the security experts to address these threats, they should assume compromise – that’s their defenses have already been breached by hackers and malware. After this, they should be able to classify and mitigate the threats.
The CIA Triad
The information security community has come up with a model to assess and deal with the threats. The model breaks information into three essential components: integrity, confidentiality, and availability.
- Integrity. This means making an assessment of the software and the critical data within your networks and systems to know whether they are compromised with unauthorized or malicious codes. Malware and viruses compromise the integrity of the systems they infect.
- Confidentiality is keeping and protecting your secrets. Common threats to confidentiality include espionage and data theft.
- Availability this is where you ensure your systems are running and granting admins access to critical networks and controls. Availability is mostly threatened by data deletion and denial of service attacks.
The Biggest Threat
Integrity is the least understood and the most ill-defined. What many people fail to realize is that it is the biggest threat to governments and businesses today.
On the other hand, confidentiality is what the cyber security industry mainly deals with. Many companies focus on encryption and perimeter defense. The daily song is “encrypt everything” which is vital to good security.
However, if the integrity is not protected, the keys used to encrypt the data remain vulnerable to malicious attacks. The security plans in most of these companies rarely address integrity. What people should understand is that loss of integrity is a bigger danger than the loss of confidentiality.
What Can We Do?
The technology cyber security relies on is part of the problem. One of the dominant systems for the last ten years has been the public key infrastructure (PKI). This is also known as a lock and key system, which prevents unauthorized users to access critical systems and messages. The PKI ensures that only users with the right key can access the systems and messages.
However, cyber criminals are trying as much as possible to attack the systems, and once they get the key, it becomes useless. That’s why many companies are struggling to identify all the parties with access to their systems or the level of access they have to their systems. The PKI remains vulnerable to integrity attacks.
On the other hand, an integrity solution acts less like a lock and more like alarms. It monitors all parts of your network and alerts the admins if something changes unexpectedly. This is basically from the access points at the perimeter to the sensitive data within it.