The 3Cs & the Journey of Cyber Security
By Virginia M. Rometty, Chairman, President & CEO, IBM
It is estimated that by 2020 our world would have produced 44 zetta bytes of data. A major portion, about 80 percent, of the existing data is unstructured and for the world of cyber crime that’s like a bull’s eye. The world of cyber crime is organized today and in order to combat them, we need to be organized as well we must emulate them.
Eras of Cyber Security
I think of the cyber defense with respect to three different eras. The first is similar to protecting a castle in the older days, or the moat castle analogy. It is like putting up different defenses such as moats and bridges around a castle, or say installing alarms on doors and windows around your house. Integration between these individual defense points was the biggest issue, since normally the alarms would come from different sources. This strategy was necessary, but unfortunately insufficient.
The second, which is also the present era, belongs to security intelligence and it’s very much analogous to the immune system. Security intelligence looks out for threats just like the immune system stays vigilant against any infection within a biological system. Once located, security intelligence quickly surrounds the threat and prevents it from further spreading and infecting, just like the immune system.
The next is the cognitive era, which is knocking on our doors. The cognitive era would expand beyond predictive capabilities to include the capability of discovery it would enable discovery of things that could have never been attached together, since the relation between them was never recognizable.
“ What the world of cyber security and information sharing needs is similar to how in the past the world developed epidemiology and organizations such as the World Health Organization”
The 3Cs or Paradigms of Cyber Security
There are three paradigms within the cyber security space, and I stress on the first, which is collaboration. Based on the survey I mentioned earlier, about 50 percent of CEOs believe that to combat cyber threat they should collaborate individually. But, in reality only 30 percent are actually willing to do so.
Again, I find the similarities between healthcare and the technology industry very interesting. A company needs its own security perimeter just like an individual body requires an immune system. But, what the world of cyber security and information sharing needs is similar to how, in the past the world developed epidemiology and organizations such as the World Health Organization. The reason is— hospitals and countries could care for diseased individuals, but they needed to have a network in place through which they could share information and contain an outbreak, if any. A similar capability is needed for the cyber security space and that’s why collaboration is so important.
Based on this need, we have moved ahead with two different initiatives. First is the X-Force Exchange, a threat intelligence sharing platform, which today is worth 700 terabytes of real-time threat data with over 10,000 users. Next is App Exchange which was opened with APIs so that different players can develop different kinds of integrated cyber defense capabilities.
In the future, governments are likely to decide on how to protect organizations against cyber attacks. IBM feels the best way ahead is a risk-based approach; the sharing must be real-time; it has to be a private-public partnership. To achieve this, not just the U.S., but others too, need a healthy, transparent and open dialogue regarding the balance between privacy and security; the Cyber Information Sharing Act is a success in that way.
The second “C” is the cloud which would actually strengthen a company’s security posture, not weaken it. The reason is architecturally driven. A good cloud has a common architecture; one way to access data, one way to verify identities and one way to do encryption. Contrary to the moat castle analogy, this makes a big difference. Cloud can arm a company with standardization, and can avail security tools which are contemporary, current and up-to-date.
The final paradigm is cognitive security and I think it’s time has come. This is explained by the truth that even though the traditional systems can accommodate unstructured data, these systems don’t understand that data, unless tagged. But, cognitive systems can.
A major portion of the security data available is dark data—approximately 10,000 research papers, 800,000 security blogs and 200,000 detailed security news articles—of which, companies can scrape off a miniscule 8 percent. And, here begins the journey of cognitive security, which can understand those data, reason with and learn from them. Cognitive and security have a perfect fit—the strong suit of discovery of things, which one would have never known were related. With this I conclude and leave the audience with the thought of three Cs that are three important steps in this journey of cyber security.