Data: the agent of cybersecurity transformation
Could cybersecurity be transforming from an ugly duckling into a beautiful, digital swan? The question isn’t as strange as it might seem.
Cybersecurity: the killjoy.
For a long while, cybersecurity has been perceived as an obstacle to business, or even as counter-productive. The additional investment it requires for development, maintenance and governance increases operationalisation times for a return that can be hard to quantify.
Traditionally, efforts made in cybersecurity produce no value. At best, such efforts prevent value from being lost, whether in terms of finances or reputation. In an economic context that gives pride of place to innovation, cybersecurity might even be seen as a hurdle to competitiveness.
Cybersecurity is also a three-way relationship between:
- Users (e.g., businesses)
- Attackers that want to harm the interests of these users for their own gain
- Defenders that intervene to protect said interests
The way that businesses use digital tools (computers, networks, smartphones, etc.) presents vulnerabilities that will be exploited by attackers. For example, a weak password will easily be cracked by brute force, which will allow the attacker to enter an information system and steal sensitive documents.
For defenders, the task consists of protecting against and responding to attacks, either during or after the event, using anti-virus software and remediation policies, to name a few. But it also involves prevention and protection wherever possible, particularly through information system (IS) urbanisation and an effort to increase the education and vigilance of users.
A company with a behaviour detection solution (as the attacker will behave differently from the exploited user) would be able to detect the attack and block its consequences. Beforehand, the company will have been able to set up a strong password policy and make its employees aware of the importance of good security hygiene.
The important role of data in digital transformation
New digital uses will bring about new vulnerabilities which will, in turn, require new security strategies. This is what we are seeing with digital transformation: the adoption of mobility and of the cloud moves and centralises information outside the company’s perimeter and shares the tools for exploiting it.
We are seeing that data is of primary and critical importance in this transformation: a company’s ability to launch into the 21st century and improve its productivity by automating its processes in the interests of simplification and efficiency will rely on making the best use of the data it produces. In the past, data was simply a vector for business, useful for production or services, then forgotten.
Today, however, transformed by AI and data science, data is becoming a business in itself; it is data itself that we are going to exchange, after having refined and cross-checked it with other sources. All in all, the automation of smart data analysis is becoming vital to a company’s ability to position itself in relation to the competition. Let’s take an example. In the aerospace industry, in-flight data recovered from commercial airlines and then centralised will make it possible to produce predictive maintenance models, which can provide a new service offer to construction companies.
The impact of digital transformation on cybersecurity? The explosion of traditional perimeters
The direct consequence of these new uses for cybersecurity is the explosion of the traditional defensive perimeter that, historically, had to be defined to defend users of digital tools. In its early stages, a first line of defence was designed, typically via firewalls, to control unwanted access to the IS (castle or active approach).
As attacks and operating procedures have become more complex, additional layers of defence have been added that are no longer only technical, such as compliance controls, identification and access management, application security, etc.
Now the perimeter is no longer simply limited to the company. In effect, it exploded because it went global. In practice, useful data will be found in widely varied places: at a computer in an internet café on a beach in Thailand or on the server of a supplier offering the same type of service as a rival company, in a foreign country possibly escaping regulation in the organisation’s home country.
For all that, while we do not abandon the fundamental, crucial strategies for defending an organisation at its perimeter, these new uses will impose a new, data-centred strategy that allows these issues to be addressed.
…and transformation as a guarantee of business values
To summarise, data is taking on an important role in business strategy, not only for adapting to new uses but also to new economies, by producing added value that is specific to job roles. Cybersecurity will also have to give data pride of place so that it, too, can adapt.
Businesses want to be able to access information or a service anytime, anywhere, particularly thanks to the cloud, and on any device connected to the internet. We are living in the ATAWAD moment: AnyTime, AnyWhere, and on Any Device.
Cybersecurity will therefore have to:
- Ensure that data is and remains available under all circumstances
- Ensure that only authorised people can access certain types of data (access rights)
- Trace data history to ensure the legitimacy of its modifications
- Ensure that the data fully matches up with the reality it describes across the entire chain of exploitation
Of the four pillars of cybersecurity – availability, confidentiality, traceability, integrity – it is the last one that must grab our attention, because it has the potential to transform cybersecurity itself, or at least to change its position in the strategy.
By making data into a strength, companies are actually developing a weakness: data that has been maliciously modified, even when drowned in a pool of correct data, has the potential to change a prediction so radically that it could disrupt or even break a business. Worse than no longer providing the service it sells, a company might find itself selling a false service, with consequences as critical as the service it delivers. If predictive maintenance says that no action is needed, what might the consequences be?
In light of ever-changing issues and of uses that involve new risks and call for new security solutions, companies will no longer be able to cut corners on cybersecurity. Do data and its protection not play a central role in a company’s strategy?
Changing the digital paradigm will bring about awareness amongst professions and a deep transformation of cybersecurity. Change is in full swing, particularly at a time when regulations such as the GDPR are being put in place to protect personal data. It seems that cybersecurity is about to transform from the ugly duckling into a beautiful white swan.