Protecting The Digital Planet
During the cold war, a new weapon was built to pierce any shield and for every new weapon a new shield was built that could not be pierced. This is the infinite game theory about will and resources, and who exhausts one or the other first and drops out of the game.
In terms of cybersecurity, I have been pondering the infinite game concept for over a decade and through multiple startup ventures in this space. We have continued to design “shields and weapons” like intrusion detection engines and anomaly detection powered by threat intelligence, rules grammar, regular expressions, probability theory, deductive, inductive and abductive reasoning. Yet, despite all this, the industry is still exposed to high-profile data breaches and ransomware. What are we missing? That is the question. Perhaps the answer is that we may be solving the wrong problem.
When it comes to cybersecurity for the Internet of Things (IoT), we need to examine not just where the problem lies today but also, and more importantly, where it may manifest again tomorrow. The 5G network and cloud at the edge are poised to be radical game changers in our lives. What we are observing today is far beyond digital transformation and data brokers. Google is no longer about a search engine, but about APIs. Facebook is no longer about faces, but about data. Microsoft is no longer about an operating system, but about a cloud platform. Cars are no longer about miles per gallon, but about software defined transportation. Factories are no longer about automation for production at scale, but about artificial intelligence (AI) and machine learning (ML) for robotization. Data centers are no longer about big data clouds, but about edge compute and software defined storage down in the fog.
What we are observing is the power of transformation. From the stone age, through the middle age, modern age, digital age, to the data age – the global economy has evolved to the digital platform of data as the fuel that drives intelligence. Intelligence can transform knowledge into tools to be creative, or knowledge into weapons to be destructive. To begin to solve our cybersecurity challenges, we can harvest device intelligence for use as a self-defending tool for cyber protection. Likewise, we can transform device lifecycle management into protection lifecycle management. And finally, enhance privacy and integrity of data to establish trustworthiness of data to prevent weaponization.
The tectonic plates are moving in cyber space. The Future of Things is in the “Things of the Future”. Things are no longer connected simply by wires and protocols, but by waves (5G) and APIs. These “Things of the Future” are devices with north, south, east, west connectivity, requiring a perimeter- free, friction-less operating surface.
The traditional information technology cyber security rules identify indicators of compromise on a hacked device – as a forensic science. Forensic science is the discipline in which professionals use scientific means to analyze physical crime evidence. Life science is the study of life and living things. A paradigm shift is required to enable data sciences to new heights and objectives for a safer digital planet. The new IoT cyber protection paradigm must use artificial intelligence with device intelligence – as a life science. As we transition from old security models, cyber strategies will necessarily pivot from reactive methods such as detection, forensics, and forensic science, to proactive methods such as protection (vaccination), self-defense (immunity), and a life-science approach to cybersecurity.
Cyber Protection as a Service is the enabler to protect IoT platforms in the era of digital transformation. Ask not whether the device is compromised, ask whether the device has protection. Change the Rules. Protecting emerging IoT devices and edge clouds is an Infinite Game, and it has just begun.
Here is a fascinating lesson about protection lifecycle, that history is testimony of, that remarkable solutions are possible with ingenuity.
The Ashoka Stupa, a 7-meter long pillar outside Delhi, India, was built 1600 years ago and is made of iron that has not rusted. It is 98% iron and the remaining 2% comprises of lead, brass, bell metal (copper and tin) and phosphorous from wooden blast furnaces (instead of modern limestone blast furnaces). It does rust in the first phase with water and air (ferrous oxide FE-O), however a chemical reaction between the metal and the first phase creates misawite to form a ferrous oxide hydroxide (FeOOH) which forms a passive layer of “self-defending protection” (https://en.wikipedia.org/wiki/Iron_pillar_of_Delhi).
Mocana helps device operators bridge the adoption challenge between device vendors and service providers, to enable digital transformation with the emerging 5G network, edge cloud and SD-WAN. We protect the content delivery supply chain and device lifecycle for tamper-resistance from womb-to-tomb, with root-of-trust and chain-of-trust anchors. We measure the device for persisted integrity for trustworthiness of operations and data to power AI/ML analytics. Our team of security professionals work with semiconductor vendors and certificate authorities to integrate with emerging technologies to comply with data privacy and protection standards. The goal of Cyber Protection as a Service is to eliminate the initial cost of modernization for device vendors and empower service providers to offer subscription-based services for effective and efficient digital transformation of things.
Mocana’s core technology protects more than 100 million devices today and is trusted by over 200 of the largest industrial manufacturing, aerospace, defense, utility, energy, medical and transportation companies globally www.mocana.com.