Security Market Segment LS
Tuesday, 08 October 2019 17:01

'Super predator' theory explains cyber security problems Featured

By
BlackBerry global head of cybersecurity services Campbell Murray BlackBerry global head of cybersecurity services Campbell Murray

BlackBerry global head of cyber security services Campbell Murray has a theory that humanity's position as the only "super predators" on the planet explains why we have so much trouble with cyber security.

Murray points out that our combination of brainpower, dexterity, endurance and other characteristics mean that despite not having a particular specialisation "we can do pretty much anything any other animal can do, well enough [to prevail]."

So where one person without modern weapons might be easy prey for a bear, 10 people with primitive weapons can take down a bear.

Humans have adapted to predation, but aren't so good at defence.

For example, centuries ago, people built castles as protective structures. But other people quickly worked out multiple ways of attacking a castle: climbing over the walls, tunnelling under the walls, poisoning the water supply, cutting off the supply of food and other essentials, and so on.

"That's exactly the situation in cyber scurity," Murray told iTWire while he was in Melbourne for the Australian Cyber Conference. "People are out there trying to get your stuff... [data] is the new spoils of war."

"Defence is high effort... [and] very hard to implement," he suggests.

It's not as if this is a new problem. The earliest known example of two factor authentication dates from around 54 BC, he says, and combined the use of a Caesar cipher (requiring knowledge of the offset used) and a scytale (requiring possession of a tapered rod of the correct dimensions in order to read the enciphered text correctly).

But IT increases the stakes due to the massive amounts of data that can be extracted once access has been gained.

Asked about the implication for security roles, Murray said "Most of my team are predators – that's what they're paid to do. After 10 years or so, some of them move into Blue Team (defensive) roles, where they address their new responsibilities by asking 'how would I break in?'

For example, when BlackBerry conducts code reviews on behalf of clients it finds 'time bombs' (pieces of code that are designed to cause damage after a certain date unless updated by the malicious developer) "all the time."

IT workers generally need to "put up as many walls as you can" in order to "be a hard target," he recommends. (The idea of layered defences has gained considerable currency in recent years.)

This is especially true in industries where you find many people, he says. Places like airports and hospitals involve lots of people in lots of roles, and many outside service providers.

Patient records are particularly attractive, so healthcare providers tend to store only essential data in order to reduce the risk.

Murray predicts that in the future, people will be more likely to ask what they are actually getting in return for allowing organisations access to their data. There is currently a widespread assumption that everybody is being profiled, so there's no point worrying about it, but he thinks today's young people will change their minds about this as they accumulate assets that are worth protecting, and "there will be a shift in consumer approaches to data in the next ten years."

People are beginning to move back from mobile apps to the corresponding web sites as a way of increasing their privacy, he says.

If people remove their personal data from the "corporate treasure trove" (or at least stop it going in there in the first place), and then the bad guys will go after something else.

"Commerce won't stop, but it won't be feeding off individuals," Murray predicts.

BUSINESS WORKS BETTER WITH WINDOWS 1O. MAKE THE SHIFT

You cannot afford to miss this Dell Webinar.

With Windows 7 support ending 14th January 2020, its time to start looking at your options.

This can have significant impacts on your organisation but also presents organisations with an opportunity to fundamentally rethink the way users work.

The Details

When: Thursday, September 26, 2019
Presenter: Dell Technologies
Location: Your Computer

Timezones

QLD, VIC, NSW, ACT & TAS: 11:00 am
SA, NT: 10:30 am
WA: 9:00 am NZ: 1:00 pm

Register and find out all the details you need to know below.

REGISTER!

ADVERTISE ON ITWIRE NEWS SITE & NEWSLETTER

iTWire can help you promote your company, services, and products.

Get more LEADS & MORE SALES

Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email [email protected]

OR CLICK HERE!

Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.

VENDOR NEWS & EVENTS

REVIEWS

Recent Comments