Control and Security in an Ever Changing World
In this world of 5G, Internet of Things (IoT). Things, talking to things. We are at risk more than ever before.
With the use of Artificial Intelligence (AI), Machine Learning (ML), systems learning behaviors and the use of behavioral analytics. We are mostly confused as to where to turn to for advice, support and the right technology to underpin it all.
With Artificial Intelligence and Cybersecurity, attacks are moving with a speed we haven't seen before. Or perhaps we haven't been paying attention!
We must have a human overseeing security protocols and threats.
I recommend posing the question: Should the human be in the loop? The obvious response is “yes!”
Consideration must be given to the ethical use of Artificial Intelligence and
Machine Learning Systems. It is important to declare the intentional use of a technology. Understanding the potential for abuse is foundational to this discussion.
With pervasive threats from Internet of Things (IoT) and 5G, we must understand a secure IoT architecture down to its chip level. Separation of dependencies perhaps is a start here as complexity provides even more vulnerabilities.
Governmental Best Practice and Regulation
We need to have discussions with policymakers to think about creating a certification program. It becoming a requirement for small to medium sized businesses at different levels and in different countries. If a certification program is perceived by those in the industry as complex, then at least it will articulate risk and governance e.g. Where is accountability at all levels of this ecosystem?
Independent testing certification groups are also fundamental perhaps at least in understanding the “known threat vectors.” Education and training needs to be offered to small and medium sized businesses and their suppliers.
Certification programs must also become a requirement for governmental policymakers, because they must be current with their tools and procedures.
Security is EVERYONE’s responsibility and perhaps penalties may be considered by government entities. However, the desired behavior has to be incentivized, encouraged, and even "Regulated" amongst our community.
Safety is Critical in this new World of Smart Homes
With Cyber Security, you're talking about safety, especially with Artificial Intelligence. I think with regard to Internet of Things (IoT) in a “Smart Home.” As an example, your attack surfaces are spread throughout your entire personal life so we need to address caution.
We have to look at understanding what it means to have a particular device that monitors your temperature in the home, and cameras and so on and so forth.
Because hackers will just hack! But then we have to think about state actors, because they've been ordered to hack they'll use all kinds of tools. Some are not as sophisticated as you think. So using Artificial Intelligence (AI) systems and the correct procedures and of course the right technology partners; we can stamp out most threats, if not all threats from attackers.
Some Important Questions when Thinking about Cyber Security
What does the architecture look like at the chip level?
How do you separate all of these services that are spread across everywhere?
How do you make sure there's some hygienic stuff that's very, very basic?
With Artificial Intelligence (AI) you have to break it down specifically to what you exactly want it to do.
Machine Learning (ML) in Cyber Security involves machines learning behaviors. But we have to be consciously cognizant of what is going on. My thesis is that you will always need a human in the loop to interpret the information that's given to you, whether it's valid or not.
Reputation Management and Securing your Critical Infrastructure
Reputation systems are very important within Cyber threat management. Making sure what is being served up to you is “Authentic.”
Because you can try and do something, but when being attacked we only have minutes and seconds, seconds and minutes.
For example with some colleagues, they had some wrong profiling. The last time I heard about it was with a lawyer!
Profiling can happen because you have an accidental record of your name, confused with something else that's negative. Maybe you are associated because of the name clip with a bad actor perhaps, but that ruins your reputation.
So we have to know what attribution looks like and then with Cyber Security because of Artificial Intelligence, and so on.
Then you get into the notion of Cyber Warfare and that is a big concern because you're talking about completely borderless attacks and not just about moving tanks.
You don't know who the people are. But attacks will happen at an economic level, potentially bringing down a critical infrastructure.
Education is very important to make sure citizens, organizations and the government are cognizant of security and on top of education, partnering with leading organisations is key. Companies that are tried and tested are still always refining their protocols and systems and innovating in a stable environment.
Authored By Monique Morrow and Nathaniel Schooler