[BreachExchange] Successful cyber resilience takes a village
Destry Winant
destry at riskbasedsecurity.com
Wed Oct 30 10:07:43 EDT 2019
https://www.cso.com.au/article/668047/successful-cyber-resilience-takes-village/
Humans are the most successful predators to have ever existed.
We have an advantage because we are the only creature that plays in
teams. Other animals play fight, they run in packs, but not in
opposing teams. This team mentality allowed us to develop tactics and
strategy, as well as very specific forms of communication, which were
instrumental in the development of hunting and eventually war.
Then how, for such super-evolved predators, do we continue to fail so
badly at cybersecurity? The key to explaining this, I believe, lies
in both human nature and the loss of the village.
When the ‘village’ turned to the web
Villages still exist, right? Nope. They began to die in the 1990s
when we started buying personal computers for less than $1,000 and
internet access became a necessity at home (not just something at
work, the library or school). At that point the village – with its
sense of community and protection – disappeared, but our need for it
didn't. We are still compelled to find something that fulfils our
evolutionary desire for community, competition and domination. So, we
turn to the web.
You don’t need to search very far to see how people play in teams
online. Humans are unleashed and unfiltered on the world wide web,
continuously taking sides. Part of the problem is that the internet
removes the necessity for validation of what you choose to believe.
In a close-knit village community, there would always be someone to
tell you that you were wrong, if you were wrong. But this social
structure is disappearing, and we have not evolved to cope with it.
It is happening too fast and we do not possess the inherent mental
capacity to adapt to this new constant onslaught of ideas. Our
villages protected us, filtered opinions, verified news and were safe
places to discuss new ideas. Now, that protection is stripped away,
we are not coping with the deluge of data, nor can we keep up with
attempting to self-verify the validity of the information being hurled
at us. It's almost a form of torture.
Speed versus security – it’s human nature
But we're still super predators. You post an opinion, you will be
trolled. You put up some software, it will be hacked. It's what humans
do: we find any weakness and we exploit it. Sometimes individually,
more often in a team, but always looking to leverage any flaw we can
find to defeat whatever is in front of us.
As predators, we instinctively save energy to ensure our survival, so
everything we build is just "good enough." We only commit energy
where it's most effective: in the hunt.
Take coding and software development, for example. We continue to
uncover flaws in software and exposed secrets in coding repositories,
because developers favour speed and efficacy over security and
longevity. It’s this learned human behaviour that results in
fundamental long-term cybersecurity issues.
At the same time, predators are finding and exploiting these
vulnerabilities – because it’s what we do best. Over the centuries,
our weapons have evolved from the club to the phalanx to the armoured
horse to the musket to the cannon to the bomb… And in the digital age,
the weapon of choice is lines of code.
While this constant push and pull is happening, we don’t seem to ever
be getting any better at cybersecurity.
Adapt or die
Ransomware attacks have increased by 47 per cent since WannaCry in
2017. In Australia, as in the rest of the world, healthcare –
followed by the financial sector – is among the most targeted and
vulnerable sectors. These are sectors that hold some of the most
valuable data, both personal and financial – a fact which hackers
exploit.
But we can better arm ourselves and adapt to keep up with new methods
of attack. Organisations and cyber professionals that want to be
better prepared need to continuously strategise to achieve the
cybersecurity advantage. Some strategies include:
1. Think like a hacker: Understand the architecture of the system, the
interactions between its components and external entities, and
understand its vulnerabilities and how it might be attacked.
2. Analyse the risks: Perform cyber risk assessments, including both
static and dynamic analysis, fuzz testing and threat modelling to
understand how the attack surface can be reduced and better engineered
for cyber resilience.
3. Set a baseline: Establish your security and privacy requirements,
create quality gates and only use approved tools. Unsafe practices and
functions must be banned.
4. Secure by design: Put secure software development in practice by
building software with security in mind from the first.
5. Prepare for the worst: Safeguard your team with core security
training and an incident response plan.
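As an added illustration of step 3 (quality gates and banned unsafe
functions) together with the article's earlier point about exposed
secrets in code repositories, here is a small source-scanning gate. It
is example code written for this post, not code from the article or
from Risk Based Security. The banned-function lists, the secret
patterns and the two sample files are constructed assumptions meant to
show the mechanism, not a complete policy.

```python
"""Minimal quality-gate check: fail when source contains banned unsafe
functions or obvious hard-coded secrets. Example code; denylists and
patterns are illustrative assumptions, not a complete policy."""
from __future__ import annotations

import re
from dataclasses import dataclass

# Illustrative denylist: C calls with no bounds checking, and Python
# calls that evaluate arbitrary strings. A real policy would be longer
# and would be owned by the security team, not the scanner.
BANNED_FUNCTIONS = {
    "c": {"gets", "strcpy", "strcat", "sprintf", "scanf"},
    "python": {"eval", "exec"},
}

# Illustrative secret patterns: a literal assigned to a credential-like
# name, or a PEM private-key header committed to the repository.
SECRET_PATTERNS = [
    ("hard-coded credential",
     re.compile(r"(?i)\b(password|passwd|secret|api_key|token)\s*=\s*['\"][^'\"]{4,}['\"]")),
    ("private key material",
     re.compile(r"-----BEGIN (RSA |EC |OPENSSH )?PRIVATE KEY-----")),
]

# Identifier immediately followed by "(", so strcpy_s( or my_gets( are
# not mistaken for the banned names.
CALL_RE = re.compile(r"(?<!\w)([A-Za-z_]\w*)\s*\(")


@dataclass(frozen=True)
class Finding:
    line: int
    kind: str      # "banned_function" or "secret"
    detail: str


def scan_source(text: str, lang: str) -> list[Finding]:
    """Return every policy violation found in one source file."""
    findings: list[Finding] = []
    banned = BANNED_FUNCTIONS.get(lang, set())
    for lineno, line in enumerate(text.splitlines(), start=1):
        stripped = line.strip()
        # Skip full-line comments so policy text ("gets() is banned")
        # does not itself trip the gate.
        if stripped.startswith(("//", "#")):
            continue
        for name in CALL_RE.findall(line):
            if name in banned:
                findings.append(Finding(lineno, "banned_function", name))
        for label, pattern in SECRET_PATTERNS:
            if pattern.search(line):
                findings.append(Finding(lineno, "secret", label))
                break
    return findings


def gate_passes(findings: list[Finding]) -> bool:
    """The gate is binary: any finding blocks the commit or build."""
    return not findings


# Constructed sample inputs (not real project files).
SAMPLE_C = """\
#include <string.h>
// gets() is banned by policy; this comment must not trip the gate.
void copy_name(char *dst, const char *src) {
    strcpy(dst, src);          /* banned: no bounds check */
    strncpy(dst, src, 31);     /* allowed */
}
"""

SAMPLE_PY = """\
import os
password = "hunter2"            # hard-coded credential
value = eval(os.environ["EXPR"])
"""


if __name__ == "__main__":
    for name, text, lang in (("sample.c", SAMPLE_C, "c"),
                             ("sample.py", SAMPLE_PY, "python")):
        found = scan_source(text, lang)
        status = "PASS" if gate_passes(found) else "FAIL"
        print(f"{name}: {status}")
        for f in found:
            print(f"  line {f.line}: {f.kind} ({f.detail})")
```

Run as a pre-commit hook or CI step, a gate like this makes the
"banned functions" rule enforceable rather than advisory; the
comment-skipping and identifier-boundary checks are there because a
gate that cries wolf on `strcpy_s` or on a comment gets disabled by
the team within a week.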
The Super Predator paradox
Human nature, the explosion of the internet and the loss of the
village has led to the ongoing cycle of cyber warfare we live in
today. The paradox is that super predators make cunning hackers, but
we humans don’t have a great track record when it comes to cyber
resilience. To give ourselves the best chance, we must adopt attacking
techniques in our defence: play in teams, understand the enemy, and
develop effective tactics to exploit their weaknesses.
Above all, we must take collective action… because we can’t do it
alone. Successful cyber resilience takes a village.