Cyber Insecurity
Our society’s infrastructure can no longer function without computers and networks. The sum of the world’s networked computers is a rapidly increasing force multiplier. Today’s businesses are becoming heavily dependent on technology for integration, productivity and organizational scalability. Data is an increasing fraction of total corporate wealth and needs to remain secure while ensuring confidentiality, availability and integrity.
Increasingly, organizations require communications to provide rapid and agile collaboration, information sharing, and connectivity to data sources. Technology enables employees and partners to work and access systems anywhere, anytime – also placing systems at an increased risk by the same token of availability. The protection of digital assets during transport, and at rest on storage devices is essential to the life cycle of information as it transcends the border of physical and logical controls.
The world of security is becoming more complex and threatening every day. This increasing complexity embeds dependencies in a manner that may diminish the frequency of surprises; however, the surprises will be all the more unexpected when they inevitably occur.
Security is becoming a means and not an end; modern protection strategies are quickly shifting toward risk absorption rather than risk avoidance. Service orientated architectures and Web 2.0 technologies are fueling the internet revolution while at the same time rapidly deteriorating the security situation. That deterioration compounds when nearly all individuals and businesses are establishing dependencies on computer and communications systems. It is thus obvious that increasing dependence means ever more difficulty in crafting protections against known and unknown threats to systems.
The traditional network barriers that separated trusted from untrusted and “inside” from “outside” are now disappearing. As more applications become directly accessible to remote users and systems, the concept of the network perimeter becomes increasingly vague and more difficult to protect. Attacks are no longer confined to lower areas of the network stack and target widely adopted systems and software programs, having major implications globally, in all sectors.
Threats and risk are chiefly growing amongst the poorly coded applications, and unsophisticated end-users. Protections need to work together in a concerted effort to reduce risk and mitigate known and unknown threats to computing systems.
Modern day security has become architecture of devices, people and software that work towards providing the best possible layered defense against attacks.
Key drivers:
Increasing complexity
Sophistication of applications and attacks
Financial Gain for Hackers
Workforce Productivity
State & Government Compliance
Those with either an engineering or management background are aware that one cannot optimize everything at once that requirements are balanced by constraints. In engineering, this is said as “Fast, Cheap, Reliable: Choose Two.”. In the public policy arena, we must first remember that the definition of a free country: a place where that which is not forbidden is permitted. No society needs rules against impossibilities and I believe that we are now faced with “Freedom, Security, Convenience: Choose Two.”
For me, I will take freedom over security and I will take security over convenience, and I will do so because I know that a world without failure is a world without freedom. A world without the possibility of sin is a world without the possibility of righteousness. A world without the possibility of crime is a world where you cannot prove you are not a criminal. A technology that can give you everything you want is a technology that can take away everything that you have. At some point, in the near future, one of us security geeks will have to say that there comes a point at which safety is not safe.
A proud member of:
The InfraGard program is a public/private cooperative effort dedicated to improving our national security. InfraGard consists of Chapters throughout the United States. The FBI leads the U.S. Government side of InfraGard. Infragard provides a trusted forum for the exchange and channeling of information and subject matter expertise related to the protection of our nation’s critical infrastrcuture from physical and cyber threats.
