We do not possess the ability to read the future and yet we can predict with a high level of certainty that we will see more major cybersecurity incidents in 2016 and 2017.
The world’s cybersecurity capability is not able to advance in line with the growing vulnerabilities. We are faced with more threats each day and hackers are becoming more sophisticated. Whether an organization invests $1 million or $100 million in its security infrastructure, it will still remain vulnerable.
Emerging security solutions do not change the overall way of things: The internet favors the attacker. Many of the modern security challenges that we experience should be attributed to the fact that the internet is not secured by design. Given the opportunity, we would definitely redesign it.
And to make things worse, the way the internet was implemented prevents us from upgrading it to a more secure version. To upgrade the internet, we would have to upgrade all the routers, switches and other connected network devices. And that is impossible to achieve because the network devices are mostly embedded systems that are bundled with hardware. We would have to access and upgrade each and every device.
Incremental security changes will not work. We need disruptive innovation in the world of cybersecurity. We want a solution that will have a significant positive effect, similar to the one created by the invention of the car, smartphone or time travel.
There is a better way to create a secure internet that will dramatically improve cyber resilience and, at the same time, dramatically reduce expenditures on cybersecurity.
Welcome to the world of alternative global networks.
Though upgrading the current internet is unfeasible, there might be another way.
Wireless connectivity technologies of all kinds have vastly improved in recent years. And soon alternative global networks will reach a point where commercial companies, by using a small number of network devices, could implement worldwide networks that will allow internet access from everywhere, by anyone and at any time.
Two examples of companies currently working on bringing wireless internet to places that do not have traditional access are Google and Facebook. Though daring, a worldwide wireless internet is inevitable. It simply makes more sense than spending trillions on upgrading super-costly physical infrastructures.
And herein lies the opportunity.
A worldwide wireless internet access solution will allow us to implement a new way of networking, instead of using the traditional network. This network will be built upon a more secure, simpler to manage and more efficient model.
Cybersecurity and AGN
There are three disruptive benefits that represent a paradigm shift in the world of cybersecurity created by AGNs.
One: No need for new security tools. In the world of cybersecurity as we know it today, every new problem leads to the creation of new products. This is why, while trying to keep up with emerging threats, we continue to buy new security products. AGNs will radically change our current approach toward cybersecurity, rebalancing the power divide between the internet as a force of good and those seeking to undermine it.
Two: Network virtualization. AGNs include all the benefits of software-defined networking, but on a global scale — benefits such as cost reduction, software-defined packet forwarding and central management. Simplified virtual management is leveraged and augmented in a global network. With network virtualization, any network architecture can be defined for any given set of devices, while completely ignoring the physical aspects of how those devices actually connect to the network. For example, your “home” network could contain your computer, laptop, mobile phone, car and all of your family members’ devices, with no regard to where they are in the world and without the need to implement any type of Virtual Private Network solution.
Three: Identified by default. The source of many problems we experience with the internet today can be attributed to the fact that we are trying to supply services that require user identification on a network in which users are anonymous. The AGN provider will be able to implement an identified-by-default network. In this solution, the AGN will authenticate users whenever they are starting to use the network and be able to supply this identity as a service to any application that requires it. In that case, a user might even be able to access his bank without the need to type in a username or password.
The AGN provider will monitor activities across the entire network. The provider can identify any activity that is not aligned with the network code of conduct and exercise the appropriate sanctions on the user and the device.
Menny Barzilay is a cybersecurity strategist and former CISO in the intelligence forces of the Israeli Defense Forces and worked at Bank Hapoalim Group. He was part of an Israeli contingent in Colorado Springs to discuss cybersecurity.