Silicon Valley won’t save us from the hacker crisis

Senior Product Manager of Cyber Analysis at IBM i2 Safer Planet, IBM

In April 2015, US Secretary of Defense Ashton Carter visited top Silicon Valley firms in part to discover solutions to the dire cybersecurity problem. It is clear that entrepreneurs see cybersecurity as a lucrative sector, with worldwide spending on information security estimated at $71.1 billion in 2014, with expected growth of 8.2 percent in 2015. Startups in cybersecurity have rapidly emerged in the past five years, raising $7.3 billion with expected growth of 100 percent in the next year. Despite the impressive growth and investment in this area, Silicon Valley is not suited to solve the problem; information security issues will require an institution.

In contrast to the level of focus in Washington, the cybersecurity commercial industry has not fundamentally changed its products over the past four decades. A vast amount of effort and resources has been placed on building expensive “prevention products” that expand the virtual moats and perimeter defenses surrounding networks. Although these defenses are important, skilled hackers will always follow the path of least resistance. A company can spend millions of dollars on perimeter security yet be penetrated by a $300 laptop and one socially engineered phone call. Also, the vast amount of security architecture does little to detect a hazard from an insider. In no other field is the asymmetric threat so profound.

Because of a flood of venture capital, Silicon Valley security startups are driven into making “magic box” cyber-products to be sold at a high price and low volume to only the largest companies. This method does little to combat the asymmetric threat—and it is mostly shortsighted. Similarly to the way the medical community tackles a chronic disease, a large institution with deep knowledge will eventually mitigate the cyberthreat.

Nowhere is safe

The real solution to security dangers is to realize there is no impenetrable facility or network. Businesses will inevitably be compromised, but a targeted, swift response can make all the difference. Managing threats is about understanding the risks amid the sea of data and indicators within an organization.

Ultimately, solving this puzzle is fundamentally a human problem; that is, to create a team of analysts and operators using analytic tools to become first responders against anomalies. Then, it takes an analytical conclusion to determine just what their findings really mean. Since limited resources are common, this methodology allows organizations to focus security on their most critical assets by merging aspects of intelligence and operations. A human analyst visualizing data feeds will be far more effective in managing threats than trying to stop all intrusions through Silicon Valley technology alone.

Security is a constant fight that must be viewed as a cyber-battle—and in a war, actionable intelligence and analysis must be brought to bear simultaneously to inform leaders and operators of the environment they face, enabling balanced and synergistic systems operations in real time. It takes an immense amount of resources, long-term knowledge, trained personnel and time to create such a program. As the government and private sector companies seek to tackle the cybersecurity problem, they should look less at shiny new startups and more at large institutions that understand the complexity of the issues.
