The New Threat Is You
How cybersecurity has Evolved: a View from the Trenches.
Sometimes I hear the words ’20 years in the business’ and think that sounds so substantial; so long. Fully half my life has been spent in the world of cybersecurity: creating software to protect networks, analyzing the expanding threat surface and how it has morphed. It has allowed me to create a global business that protects customers and surround myself with passionate and incredibly smart people who love building great, innovative technology.
But cybersecurity is not for the faint hearted: it is one of the most rapidly changing industries in the world with a veritable war being fought by those that want to disrupt and those that want to protect. Not a day goes by where I don’t think it’s incredible how far we’ve come on the journey to protect business continuity and stay one step ahead of hacks, malware, ransomware, data and authentication breaches.
The firewall was how it all began and that remains still important today, but so very much has changed. As we enter into 2020, a bit of pause, a bit of reflection and a look ahead is in order.
The Golden Age of innocence
When I first entered the cybersecurity space as young software entrepreneur more than 20 years ago, it was an immature industry, at best. The number of brands in the security market could be easily counted on one hand and the term ‘cyber attack’ was barely coined. It was rarely known by business leaders, and even less so by the vast majority of the earth’s population. Ignorance was bliss as they say.
At the time, “hacker attacks” were still attributed to the preconception of a typical hacker: the teenage pimpled-faced techie male (typically) nerd who wanted to make a political statement, or—more common—just a statement to demonstrate his or her superior technical skills. There slowly came to be two camps, white hat hackers and black hat hackers; good guys and bad guys who would meet on the emerging battlefield called the threat surface. Networks, servers and the Internet, where malicious code met its protective equivalent.
And the most powerful weapon on the good guy’s quiver? The firewall. Even though invented as early as in the 1980s, the firewall still came with a magic aura: the golden box that would just sit there on your network and magically make you secure. The simplistic concept of the firewall was appealing to the logical me, an engineer at heart; “The bad guys were outside your network, the good guys inside. Evil came with Telnet and FTP. No problem: block ports 23 and 21. Performance? Don’t worry, 100 Mbps had you covered.
We at Clavister invented our first firewall in 1996 and took it through the all the stages of the Unified Threat Management and Next Generation Firewalling evolution. Even though we’ve done a good job protecting our customers, the threat surface grew bigger and faster with hackers attacking servers in under a minute of being deployed and zombie botnets creating global armies of destruction. And more complex as cyber weapons were leaked into criminal networks.
A new paradigm would emerge to shift cybersecurity forward.
The Threat is You
Criminality—though there since the beginning of network security—became a forceful dominant over the last ten or more years, driving the security conversation. As new attacks, be that DDoS blackmail schemes, ransomware or compromising data breaches, became a daily occurrence to both large and small businesses, the idea of business continuity began to take hold.
All these businesses, now inextricably linked in their business processes and customer relations through the Internet and cloud, realized that their daily cost of business and reputation was their core asset and that attacks that hit them affected their bottom line. Ponemon Institute and others put a cost of an attack at USD 690,000 per business with a total of USD 45 billon for cyberattacks in 2018 alone according to The Online Trust Alliance with these numbers growing every year. As criminality becomes more profitable with prosecutions and penalties almost non existent, the threat to business increases every day.
That other aspect of the new paradigm started happening in the last ten years as we realized that the attack vector fundamentally shifted. Where once the primary point of attack was actors from outside trying to find weaknesses in the network (probing attacks) and security vulnerabilities that could be exploited (Zero Days or others), now instead, the users became the focus of the threat surface.
Verizon reports that a full 92% of network attacks come via phishing emails, emails that are sent to us and that we inadvertently click on which delivers a malicious download or ones that steal passwords. This also dovetails with the fact that as work becomes more mobile and remote, we rely on our personal devices. But those devices in turn become end point vulnerabilities that need to be protected to keep the network from being infiltrated.
I’d also put into this category IoT devices—all those connected devices that we use in our daily lives from smart light bulbs, connected cars, WiFi printers and a multitude of other things we take for granted. But after WannaCry, we now see that we’ve been too lax on this level of security, even forgetting that password protection is a responsibility even on this level.
Speaking of passwords: that leads me to my last insight on the great change I’ve seen in these last years to cybersecurity and one which drives home the point that cybersecurity is becoming almost personal. Recent research has shown that fully 80% of cyber attacks are coming from bad passwords and stolen identities that log onto networks. This new understanding that identity theft and breaches are driving the next wave of cybersecurity are very interesting ones. At Clavister, we’ve been investing into exciting technology which sees a ‘passwordless’ future where we authenticate who we are with our mobile devices using biometric data or other very personal tokens.
If you had asked me in those early days when we were building simple network firewalls if I could conceive of facial recognition software instantaneously communicating with a network and allowing users to be certain aspects of the network and not others, all the while using sophisticated AI and advanced threat protection to protect data and systems, my young self might have chuckled.
But we have a vision statement at Clavister: “An all-communicating world, based on trust and security” and I realize, more than ever, that anything’s possible and achievable as we move to this future place. 20 years on, I couldn’t have picked a more exciting field to be part of.
Want to find out more on Identity Access Management and the future of security? Read more here