Tag Archives: humachine

Hi folks!

As promised, herewith, more on the connection between evolution theory and how protection against cyberthreats develops.

To date, what precisely brings about mutations of living organisms is unknown. Some of the more unconventional experts reckon it’s the work of viruses, which intentionally rearrange genes (yep, there’s who really rules the world!). But whatever the case may be, similar mutation processes also occur in IT Security – sometimes with the help of viruses too.

In line with the best traditions of the principle of the struggle for existence, security technologies evolve over time: new categories of products appear, others become extinct, while some products merge with others. Regarding the latter for example, integrity checkers were a major breakthrough in the mid-90s, but nowadays they’re a minor part of endpoint solutions. New market segments and niches appear (for example, Anti-APT) to complement the existing arsenals of protective technologies – this being a normal process of positive symbiosis for good. But all the while nasty parasites crawl out of the woodwork to warm themselves in the sun. C’est la vie – as it’s always been, and there’s nothing you can do about it.

In the struggle for market share in IT Security there regularly appear prophets prophesizing a sudden end to ‘traditional’ technologies and – by happy chance – simultaneous (‘just in time!’) invention of a bullshit product revolutionary panacea (with generous discounts for the first five customers).

But this isn’t something new: any of you remember anti-spyware? In the early 2000s a huge bubble of products to get rid of spyware grew up from nothing. Much BS was fired the consumer’s way about the inability of ‘traditional antivirus’ to cope with this particular problem, but right from the beginning it was all just made up.

But the market has grown used to and tired of such prophets, and these days monetizing ‘panaceas’ requires a lot more investment and snake oil marketing efforts.

Read on: David and Don Draper Against Goliath…

“It is not the strongest of the species that survives but the most adaptable to change.”
– Charles Darwin

It’s been a while since I’ve opined on these here cyber-pages on my favorite topic – the future of IT Security, so here’s making up for that. Get ready for a lot of words – hopefully none too extraneous – on the latest Infosec tech, market and tendencies, with a side dish of assorted facts and reflections. Popcorn at the ready – off we go…

I’ll be writing here about ideal IT Security and how the security industry is evolving towards it (and what’s happening along that evolutionary road towards it), and how all that can be explained with the help of Mr. Darwin’s theory of evolution. How natural selection leads certain species to dominate, while others fall by the wayside – left for the paleontologists in years to come. Oh, and what is symbiosis, and what are parasites.

I’ll start with some definitions…

Almost-Perfection in an Imperfect World.

Perfect protection – 100% security – is impossible. The IT Security industry can and should of course aim for perfection, in the process creating the best-protected systems possible, but each inching nearer 100% costs exponentially more – so much more that the cost of protection winds up being greater than the cost of potential damage from the harshest of scenarios of a successful attack.

Accordingly, it’s logical to give the following definition of realistic (attainable) ideal protection (from the viewpoint of potential victims): Ideal protection is that where the cost to hack our system is greater than the cost of the potential damage that could be caused. Or, looking at it from the other side of the barricades: Ideal protection is that where the cost of a successful attack is greater than the gain attackers would receive.

Of course, there’ll be times when how much an attack may cost doesn’t matter to the attackers; for example, to state-backed cyberwar-mongers. But that doesn’t mean we just give up.

So how do we develop a security system that provides realistic (attainable) ideal (maximum) protection?

Modern defenders vs traditional: think about adversaries not incidents, by @johnlatwc #TheSAS2016 pic.twitter.com/gss5MITuO1

— Eugene Kaspersky (@e_kaspersky) February 8, 2016

Read on: The survival of IT’s fittest…