Innovation in Cybersecurity: Blockchain and Enterprise Immune Systems

by Andy Heikkila

It’s amazing to really think about how quickly the human race is advancing technologically. A mere 20 years ago, the internet was in its infancy. The Today Show’s archives show just how ignorant we were about what it was, as well as the impact it would have on our lives.

Nowadays it seems the world is essentially built on connectivity. The Dyn DDoS cyberattack in late 2016 showed just how affected the US would be without access to the internet, with online businesses grinding to a halt and standard users without access to the internet for at least half a day. Villanova’s online resources show that online retail sales in the US alone are expected to reach $535 billion by 2020 — that’s just a small portion of the business that’s done via the internet, and its disruption could be devastating.

Every time points like this are brought up, it completely baffles the intellect; how can such an important infrastructure be so dismally secured?

Cybercriminals have been having a heyday for the last two years. Hospitals were a major target in 2016, and one form of ransomware called “WannaCry” infected over 220,000 computers in 2017, affecting French car company Renault, as well as German railroad operator Deutsche Bahn. This says nothing of cyberwarfare and cyberterrorism afoot.

An Abundance of Malware and Human Error, and a Lack of Viable Skills

There are two basic problems that are affecting cybersecurity right now. First, SecureWorks’s 2017 State of Cybercrime Report shows that cybercrime is cheaper and more accessible than ever. Ransomware is cheap and ready-to-deploy for people who have little to no experience in IT or with cybercrime. On top of that, some hackers have adopted the software-as-a-service (SaaS) model, offering malware- or hacking-as-a-service (MaaS and SaaS respectively).

While the ability to cause damage and reap financially from cybercrime has become that much easier for interested parties to obtain, the ability to safeguard against it has become that much more difficult. According to ECPI University, “because the demand accelerated much more rapidly than anyone thought possible, our country is now facing a critical shortage of people who can supervise and implement cybersecurity business solutions.”

Their numbers show that there are currently over 200,000 cybersecurity jobs available annually, but that every year 40,000 jobs for information security analysts go unfilled. This global shortage could reach numbers of up to two million by 2019.

What’s worse is that a business’s own employees are generally woefully uneducated, making them potential threat vectors within the organization. Phishing tactics, for example, are deployed in a quarter of online scam operations, and are often successful. This is because people often aren’t paying attention to the fine print, or even aware that they should be constantly on alert against breaches and cyberattacks.

In the face of a working shortage and glaring human error, it seems that new solutions are needed — fortunately, there is technology on the horizon that may make up for our human shortfalls.

Blockchain and AI Solutions Changing the Paradigm

The blockchain is essentially the technology that makes Bitcoin and other cryptocurrencies work. It allows for digital files and assets to be shared by always checking existence and location amongst multiple nodes. Essentially, it’s like a bunch of watch towers that all share what they see with one another — that way, if one watchtower misses something, or even a few, it’s alright because all the other watchtowers will see that something’s wrong.

If this technology were applied to cyber security, you can bet that the actions of malicious actors would be much less likely to escape detection. That’s why businesses like REMME, Obsidian, and Guardtime are merging the two. Omri Barzilay, contributing to Forbes, writes that these three companies are leading the charge in revolutionizing cybersecurity via the blockchain, with REMME aiming to make passwords obsolete, Obsidian deploying a protected messenger service, and Guardtime set on securing sensitive records.

However, one company thinks that the old way of thinking about cybersecurity like a “fortress with walls that keep intruders out” needs to change completely. As Scott Rosenberg, writing for Wired, puts it: “They’re shifting from military metaphors to the language of biology; they’re designing immune systems rather than barricades”

That company, the “they” that Rosenberg is referring to, is Darktrace: a company that uses machine learning and AI to thwart cyberattacks. Founded by Cambridge University mathematicians and “ex-British spies,” Darktrace’s “Enterprise Immune System” (EIS) technology maps out a network and monitors it in real time, establishing a base and determining what “normal” looks like in that system. It will then alert users in real-time if there is any deviation from that normal.

“The big challenge that the whole security industry and the chief security officers have right now is that they’re always chasing yesterday’s attack,” Nicole Eagan, CEO of Dartrace, tells Rosenberg in an interview. “That is kind of the mindset the whole industry has—that if you analyze yesterday’s attack on someone else, you can help predict and prevent tomorrow’s attack on you. It’s flawed, because the attackers keep changing the attack vector.

Yet companies have spent so much money on tools predicated on that false premise. Our approach is fundamentally different: This is just learning in real time what’s going on, and using AI to recommend actions to take, even if the attack’s never been seen before. That’s the big transition that Darktrace is trying to get folks… to make: to be in the position of planning forward strategically about cyber risk, not reacting to the past.”

It seems that Darktrace’s initiatives are not falling on deaf ears — they recently won the the ‘Digital Innovation’ award at the 2017 Sunday Times Hiscox Tech Track 100 awards dinner.

While it’s obviously too early to tell, both blockchain and AI/EIS solutions look to hold great promise in the world of cybersecurity.

The rate of change in technology that we’ve adopted demands that we pick up the rate at which we secure things as well — and that’s going to require innovation. Let’s hope that these solutions work.

Follow @IXCHAT on Twitter

Wait! Before you go…

Choose how you want the latest innovation content delivered to you:

Andrew HeikkilaAndrew Heikkila, a tech enthusiast, and writer from Boise, Idaho, and a frequent contributor to Innovation Excellence. He also writes for Tech Crunch. You can follow him @AndyO_TheHammer

Leave a Reply