The Answer to Big Cybersecurity Challenges: Think Small

I just left the keynote stage at RSA 2017, where I called on a very large audience—more than 40,000 attendees in the hall or watching screens throughout the Moscone Center— to re-think the future. I argued that while cybersecurity and potential threats against the digital experience have never been bigger, current defensive measures aren’t working. Tomorrow demands a different response from all of us, starting today.

We need to think small.

At RSA 2016 I wondered aloud how we would handle a cyber disruption of the presidential vote. Twelve months later it’s clear that cybersecurity was front and center in our country’s national election. After all, data drives decisions and the election reminded us that decisions write world history. Specifically, stolen and manipulated data was commissioned to assassinate character and disrupt democracy. While I’m not questioning the outcome of the election, I am pointing out that cyberattacks played a real role. It was a case of data manipulation intended to mislead decisions on a grand scale.

But let’s put politics aside. This manipulation of data matters in a broader discussion because data is the bedrock of our economy. We rely on big data to drive decisions, so the small data going into our big data models must have full integrity. When it’s manipulated, it’s turned into a weapon and used against us. Big data isn’t the problem, but when big data becomes bad data, then small data is the big story. Weaponized data is the next threat vector challenging all of us in cybersecurity. In fact, I submit that weaponized data is the newest form of advanced persistent threat.

Of course, data isn’t the only thing being weaponized.

Securing the digital experience is a tall order, especially when it comes to the organizations we defend. Not long ago we focused on protecting an individual device, then one network, then a single enterprise. But I’d argue today that we need to turn our focus from a large attack surface to a small one—the home, and we should care about this smaller target for two reasons. One, it’s increasingly where many of us work, on whatever device we have in hand. And two, it’s our connected devices in the home that are now used to launch larger, more sophisticated attacks. Last fall’s Mirai attack on Dyn is a perfect example.

Mirai enslaved a vast botnet of household devices (including security cameras, ironically) to wreak havoc. While we could think of the attack on Dyn as just one more DDOS, I believe our adversaries were just testing the limits of our capabilities. It’s no coincidence Mirai is Japanese for ‘future,’ because the Mirai threat is alive and well—it points to where we’re headed. You have to ask yourself, will it find the IoT devices it needs in your home? Or will it enlist soldiers for its botnet army from the homes of your employees? The smallest of technologies are being turned against us in the biggest of ways. How do we make sure the Internet of Things doesn’t become the Internet of Terrorism?

It’s a strange irony. What we once protected, we must now be protected against. We’ve given the enemy the ultimate scale they need by connecting our homes and deepening our reliance on data, even as both are weaponized. What’s our call to action when the game has changed so dramatically? We need to flip the script.

We have to start thinking of ourselves as smaller players in a bigger fight—players that collaborate generously in a vast, largely open ecosystem. We can begin by integrating best-in-class features from numerous cybersecurity providers across a shared communications fabric. On the RSA stage I announced OpenDXL (Data Exchange Layer) to the wider industry. It’s a free, open solution to share intelligence and orchestrate security operations across thousands of tools we all use. Go to GitHub today and download the SDK. It’s our small contribution to the industry, and just one example of numerous ways in which we can truly work together to drive the outcomes we need.

To put it in its simplest terms, cybersecurity needs a Dream Team. Like the NBA players who took gold in basketball at the 1992 Olympics, we need to check our egos at the door. If big names like Michael Jordan and Magic Johnson can put aside their drive to compete, all in order to win the bigger prize, surely we in cybersecurity can follow their example. We’re better when we link arms with like-minded partners, intent on the same goals. It’s a small idea that can have a big impact.

Let’s work together.

The author is senior vice president and general manager of the McAfee.

Leave a Comment

10 − three =