Cybersecurity: Big Waste, Blind Spots, and More Reason to Change
Any time it's possible to talk about millions of dollars in waste, it's a good time to pay attention to what's being wasted and how to prevent it. A new study from cybersecurity company Venafi, conducted by technology market research firm Vanson Bourne, revealed that millions are currently being wasted on cybersecurity measures, as chief information officers (CIOs) noted that the essentials of cybersecurity are often going unprotected due to a fundamental misunderstanding of the threat.
Perhaps the biggest problem noted was that current defensive measures trust cryptographic keys and security certificates almost implicitly. They are seemingly unaware that some keys and certificates just shouldn't be trusted, and they are unable to make the distinction. Since Gartner recently predicted that half of network attacks will use Secure Sockets Layer (SSL) or Transport Layer Security (TLS), some major security measures will have substantial gaps in protection ahead.
What's more, many CIOs believe current defenses are already inadequate. Eighty-seven percent believe security defenses fall short in their ability to inspect encrypted traffic, a weakness that 90 percent believe will be used at some point in the future if it hasn't already been used. The reliance on keys and certificates will create a brisk black market in them for hackers, according to 86 percent of respondents, and 79 percent believe that plans to accelerate IT and innovation growth will ultimately produce new security vulnerabilities.
Keys and certificates were originally adopted as a means to know what to keep private and what to leave open, but misuse is on the rise. With misappropriated keys and certificates, cybercriminals can hide in encrypted traffic and launch a variety of attacks, ranging from setting up phishing sites to adding malware to legitimate sites. Some major defensive measures, like behavioral analytics and new firewalls, along with data loss prevention and intrusion detection systems, are particularly at risk from an over-reliance on keys and certificates.
This has led to calls for the development of an “immune system” for the Internet, one that can spot phony keys and certificates and expunge the fakes accordingly. Yet, as with a human immune system, there's the possibility that cybercriminals can modify keys and certificates to look sufficiently credible to spoof this “immune system.” Lyme disease bacteria, for example, can fool an immune system into not launching attacks, and it's safe to reason that if we go to an immune system model for online defense, tools designed to spoof it will follow. Can such an “immune system” actually be made impossible to spoof? That's the linchpin the entire system rests upon, and a clear answer may not be available for some time.
In the end, we must have greater security for our systems, and millions of dollars spent to stop maybe half of attacks isn't the way to get there. While the way forward may be unclear, only further development will produce the necessary insight.