Cybersecurity in a Connected World: Key Issues

11 Feb 2016
NEW DELHI, INDIA: Cybersecurity is a growing concern for enterprises as well as governments. With changing threat landscape hackers have devised new methods to infiltrate devices, networks and everything which is connected. We spoke to Jean Turgeon, VP and Chief Technologist, Software Defined Architecture, WW Sales at Avaya on cybersecurity issues and what can be done to tackle the challenges.
Scanners, CCTV, detectors, are all in place to prevent crime, loss of lives, etc. is all this technology failing governments and citizens alike?
While various technologies continue to evolve and are being implemented today to address specific security or business needs, the real impact on citizens will only be seen when analytics allow them to be combined in real-time, simultaneously with some artificial intelligence behind it.   Virtual agents need to evolve towards Smart virtual intelligence delivering big data real-time smart analytics.
For instance, somebody going to an ATM machine at midnight and being captured on a CCTV system is hardly unusual, but if that same individual was to withdraw the maximum amount from all their accounts it would be a trigger that there may be something suspicious. Hence further analytics may be required: what if those analytics now confirm this person has outstanding infractions, has not paid their loans or has a criminal record? What we want is for the system to be able to  notify the police, inform them of the exact location of the individual, enable tracking through their mobile device by enabling GPS location overriding settings from the Service Provider’s network, automatically update or create a record for tracking and document every single actions following for future analytics. So we can see how all these technologies coming together will make a difference.
Can technology really be deployed to prevent human mistakes?
In some cases it certainly could; the main reason is virtual intelligence takes emotions out of the equation. When you have a sophisticated database based on past experience and lessons learned, generating the best possible outcomes, there is definitely a strong possibility of eliminating human error.  Imagine a person responding to a critical situation where their stress levels are at the highest, you can easily imagine that they may react quickly to a noise, or movement, or whatever in a way that doesn’t generate the desired outcome.
Now imagine the same scenario, this time with a robot guided by real-time analytics that take information from the CCTV system, wearables, historical events, or whatever to instruct the robot on how to react to the situation; this could definitely give us a much better outcome. If you apply this to an enterprise where its infrastructure is under Cyber-attack, one can easily imagine how an automated business workflow could be triggered as the attack is detected, enabling the system to take the necessary action to either redirect, isolate, quarantine, or even stop the attack – and  also  notify a  government security agency to also take action.
How do we define security in today’s threats: public security, business security, national security, personal security? Cybersecurity in a connected world is an underlying factor? What can governments, businesses large and small, do to proactively manage security?
Cyber security impacts everyone in this connected world. Every time you connect to an infrastructure you have potential threats – that doesn’t mean we should be paranoid about it, but it is a fact we are facing more and more in this hyper-connected world. The old approaches of relying on perimeter defense and rule-based security are now inadequate, especially as organizations consider deploying a hybrid cloud model with potentially open API’s accessible to partners and customers to easily integrate with their systems in the new SD-X (Software Defined Everything) world.
Think of all the potential ways you may be connected as you read this article. You could be reading on a smart phone, a desktop, a tablet, or you may have a badge or a card with a tag or with one of your device enabled for Bluetooth or NFC; we are connected all the time now.
Public or national security is clearly different to business security but all of them impact personal security in some ways. Public security is often related to the transportation industry such as trains, airports, highways, etc., while national security is typically associated with much broader and impacting events we see around the world.
While business security is related to protecting your intellectual property, or that of your customers, the key for all parties concerned is to ensure you always reduce your surface exposure (surface exposure meaning all the entry points that an attacker can use to enter your environment) to the public infrastructure, without losing sight of the number of attacks originating from the internal private infrastructures. By reducing your surface, which means ensuring you do not have any statically accessible services (which are functionalities that are less used or unnecessary), strong authentication factors (minimum 3) should always be used before extending services to a human being or a machine. Monitoring can help prevent attacks of course, but the less static services exposure you have, the less likely you are to be exposed to security attacks. Take the example of being connected to a hotel Wi-Fi network: there are now solutions available to deliver a secure personal wi-fi experience and provide guests with completely isolated zones others guests can’t access. This is the type of model we must apply more and more to reduce the risk associated with potential cyber-security.
In many countries, there are a number of social and political security issues that come to mind – While there is no magic fix, can you give examples on how technology can be built to solve some of our most pressing issues (national, social and environment related disasters for example)
Well, as you state there are no magic fix to these on-going threats but the best way in my view is to continue to reduce the services exposure to the public internet, while imposing stronger authentication methods – even to services you want your citizens or customers to use. While at first it may appear to be annoying to some, the benefits and ability to track individuals or machines trying to gain access to confidential or corporate information will substantially out-weight the few steps individuals or automated system would have to go through to reduce the risk.
External threats are in fact in my view sometimes easier to prevent: I am not suggesting in any way it is easy, but you typically know where the entry point is and what information they are trying to get to. Internal threats are in many cases more difficult to deal with, but when one looks into it, the industry makes it way too easy for people to penetrate an internal infrastructure. Just simply look at various institutions and how easy it is to get into the building, or once you are in the building how you can easily have access to the entire facility, connect via Wi-Fi or ports pre-configured for a specific service such as a phone, video conferencing unit, and so on.
You should also be implementing stronger multi-factors authentication systems while you leverage the technology to track people and automate security response based on intelligent real data analytics. We have GPS, Wi-Fi triangulations, iBeacons, RFID, Video Surveillance Systems with sophisticated movement, gesture or presence detection, in addition to biometric systems to control access to areas or systems.
All of these can provide much stronger security implementation but yet, the market seems resistant to changes where the legacy IT is holding businesses back for the wrong reasons. The world has moved to the human and device mesh, the infrastructure supporting the connectivity can’t continue to be based on a legacy client/server architecture. The technology is here today, but too many vendors try to continue to convince customers the old way is good enough, it is NOT the case and government, businesses and citizens have the right to demand a change.
For instance, why can’t I have a one-click button to push at any time on my smart phone to call for help, why do governments continue to tolerate service providers not allowing data services on mobile devices which MUST be used to provide exact location and ability to deliver content or enable the smart devices as video inputs for the emergency response team?
The same applies to the transportation industry. Why is it we let citizens head down a highway when we know there is an accident and the highway is fully congested? Why is it we don’t inform the population when a storm is near by through all the mode of communications we have? It is great to use radio or TV for this, but why can’t the government mandate service providers to immediately send an SMS to ALL of their subscribers when a critical situation is on-going?
We need to see changes in this space, some countries are further along but there are still too many organizations living in the past and not taking full advantage of the technology available to them. The status quo is NOT acceptable.

This article appeared in PC Quest , February 11, 2016