What is the answer to cyber security? Well that depends on what side of the fence you are sitting, the defensive or the offensive! Or maybe you are on both sides…
As all aspects of the cyber security industry increase in momentum there is a new answer each and every week.
Blockchain, the distributed database technology that came to greater public awareness as a core component of the digital currency Bitcoin, is being touted as the next frontier for cyber security. This was discussed at length in a blog post on the website of the RSA Conference, by Neena Sharma the Global Head of Cyber Insights, BAE Systems and is well worth reviewing if you are looking further ahead for cyber security solutions than what is currently available.
With the central characteristics of Blockchain being privacy, autonomy, and fault tolerance a time can be envisaged where its irreversible nature could be useful for data integrity and security against any malicious attempt for data manipulation.
Ms Sharma states that, “Now is the time for the cybersecurity vendors to explore the use of blockchain technology and determine if it could be a useful tool in providing a holistic approach for distributed security that works at all levels”. I think she is absolutely right and look forward to seeing which vendor, or vendors, follow this advice and start developing the next generation in cyber security solutions.
A research team at Google recently cracked the SHA-1, or Secure Hash Algorithm 1, which is a key internet security tool. For many years, its security strength has been questioned and considered theoretically vulnerable to attack, however according to the story on the website ReCode, has now been proven vulnerable.
The major browser developers, Microsoft, Google, Apple and Mozilla have all announced that their respective browsers will stop accepting SHA-1 SSL certificates by 2017 and have, since 2010, been recommending it to be replaced by SHA-2 or SHA-3. However, as it is so widely used, and a lot of legacy systems still use it, it may take quite a while to get it replaced. So, which side of the fence does Google sit on this issue? They have exposed a vulnerability, that could now be taken advantage of by cyber criminals, or have they accelerated its demise in favour of stronger encryption, thus making the world slightly more secure? I’m very much on the fence with this one.
One organisation that is rarely on the fence in any debate is the Russian government. They are constantly being accused of cyber attacks, hacks and other digital crimes.
Recently their minister of defence, Sergey Shoygu, announced that Russia had established what is being referred to as a ‘cyber force’. The information operations forces, to give it its real name, have been established within the Russian military and will be used to ensure that “Propaganda should be smart, competent and effective.”, according to the report on SC Magazines website.
Does this mean that they will be defending Russian values in the digital world, or taking offensive action to further their political aims – which has been claimed it has attempted to do in the past. It might be one, or the other, or both.
Maybe there isn’t a single answer to cyber security, irrespective of which side of the fence you sit on. All we can be sure of though is both sides will continue to move forward regardless.
For links to all these stories and more, or to contribute with some comments join us by searching for the National Cyber Skills Centre on our social channels of FaceBook, LinkedIn and Twitter, or just click the relevant links from our website.