By Gregory Pings
Welcome to the future. Here’s your smartphone, smart watch, connected house, and a printer that’s part of your automated, networked workflows. Also, it turns out that human nature changes more slowly than technology, so don’t forget to pick up your IT security solution.
Security breaches have always been top of mind. That’s why Xerox builds security into its hardware and services.
Learn more about security from Xerox
Insights on Data Protection on Xerox.com.
More articles about security on this blog.
Cisco ISE on Connect
State-of-the-Art Printer and Data Security on Xerox.com
Chief information officers (CISOs) flock to events like Black Hat in order stay up to date on information security research, development, and trends. Some of what you will hear there is available here. What follows are insights and advice from information security experts at Xerox, McAfee and Cisco.
Alissa Johnson: IOT security is a mission impossible
Xerox CISO Alissa Johnson (Dr. Jay) says that when you look for a particular problem, you will miss other things that you’re supposed to notice. The “adversary” — hackers and cyber thieves — know what you’re looking for, so they send things into your infrastructure that you’re not looking for. Or, at least, cleverly disguised as something you want.
https://youtu.be/-LsFq3vMmNA
The lesson of the moon-walking bear warns us that even security professionals will miss something they’re not looking for. At the two-minute mark in this video , Dr. Jay explains.
Dr. Jay, outlines three proactive security measures that you can do right now to spot the adversary.
- Hunting: Assume you’re compromised; take the offense. Breaches are based on three things; a visible IP, an open port, and a vulnerable service. Focus your efforts there.
- Zero Trust Model: Our innate nature is to trust and love. Think in terms of whitelisting instead of trusting. Whitelisting means someone asks permission to access before you grant the ability to access the network. The default can no longer be that if you’re in the network, then you are trusted. Trust must be earned.
- Cognitive security. Allow products to do things for us. Also known as advanced automation, it’s the most disruptive part of proactive measure. Allow systems to think and do. Right now they think and learn to analyze for us, then wait for a human to react. Let the machine close ports and blocking IPs. Let your people use their intelligence and creativity to keep you ahead of the adversary.
Dov Yoran: Automation can simplify the complex
“The world is moving fast. The world is complicated … There are a tsunami of devices being lit, turned on, communicating back,” Dov Yoran, senior director of the Security Business Group at Cisco, explained at a recent security summit. “These things aren’t necessarily built with security in mind.”
Dov walks through the challenges and complexities of operating in today’s environment, and how it’s evolved through the years. What has changed? Why is it more difficult?
ARVE Error: Mode: lazyload not available (ARVE Pro not active?), switching to normal mode
Dov walks us through the challenges and complexities of operating in today’s environment and how it’s evolved through the years. Watch his full presentation: https://youtu.be/arTFGcaJBqw
Inevitably, you will have a security breach, some sort of malware will bypass your company’s firewall or antivirus program. What can be done to mitigate the aftermath? In his talk titled “Changing the Security Equation,” he discusses how security teams can address these challenges to secure their corporate IT environments better.
“Can we take snippets of machine learning and big data and other analytics, platforms, to make us smarter?” he asks rhetorically. “Can we automate these things to bring the balance to our security teams that are protecting our infrastructure, and, of course, the people that are using it?”
Candace Worley: Get over the automation conundrum
Candace Worley, chief technical strategist for McAfee, says security professionals have traditionally been in a quandary over how and when to use automation in their security practice. Fifteen years ago, the majority of the workforce was confined to desks on premises. Today, with mobility, remote workers, and even employees’ desire to “bring your own device,” the technical environment is increasingly difficult to control. Automation seems to be the best way out.
In a digital world where threats change often and come faster than ever before, finding the right talent is increasingly difficult. Add to that the sheer volume of data that must be analyzed, and the limits of human capacity to sift through it.
Do we still have the luxury of seeing automation as a risk too great to employ on a broad scale? Candace identified three factors that play into the chief information security officer’s willingness to view automation as solution, rather than viewing it as a threat.
- The ever present and global nature of the security threats against their organizations.
- The overwhelming and increasing amount of data that needs to be tracked, processed and protected.
- The complexity of the IT environment.
ARVE Error: Mode: lazyload not available (ARVE Pro not active?), switching to normal mode
Candace says security organizations have typically limited their use of automation to the most mundane and least risky security activities. She asks if you still have the luxury of seeing automation as too big a risk. Watch her full presentation at https://youtu.be/7w9PsGPhigo
Information security professionals must look at automation as a medium through which some of their problems can be solved.
“Machines are extremely good at analyzing large groups of data in a rapid amount of time,” she said. “Humans can come in with strategic intellect, look at the context of the data, and interpret it.”
Steve Hoover: What children teach us about cyber security
Self-driving trucks are not programmed; they are taught. And so it goes, too, with drones, delivery robots, robotics, and the entire world of connected devices.
“Despite the history of security breaches, [organizations] are getting better at this,” Steve Hoover, chief technology officer at Xerox explains. “We are entering a big step forward in terms of the value, kinds of data, and amount of data that is at risk.”
Back to the truck example. The autonomous systems learn how to recognize safe and unsafe things in the world, and they make decisions on their own.
“When we think of cyber security,” Steve said, “we cannot think about systems that are static. We are dealing with systems that are changing their behavior in response to the world around them.”
So, how do you teach a machine? Your children serve as a metaphor. You teach them to make good choices, and how to learn the right behaviors that will keep them (and others) safe.
ARVE Error: Mode: lazyload not available (ARVE Pro not active?), switching to normal mode
Xerox Chief Technology Officer, Steve Hoover, and Ersin Uzun from PARC, a Xerox Company, discuss the challenges we face in securing smart, connected and autonomous systems. Two metaphors: Our children, and mother nature: How they guide our thinking on machine learning. https://youtu.be/RB2rnZjTO9Q
“We have to take drastically different approached to security,” added Ersin Uzun, who joins Steve in the video, above. Ersin, director of the System Sciences Laboratory at PARC, points out that no system can have a predetermined response for every situation it might face in an unpredictable environment.
“Not only should systems be self-reconfiguring,” Ersin said, “they must also be able to detect problems and recover from them.”
Indeed, the future has arrived. But the necessity for data protection and security will never go away.