Monday, October 23, 2017

A drop of honey

"You catch more flies with a drop of honey than with a barrel of vinegar." If Juan Bosco knew that this phrase was going to be applicable to any everyday situation after so many years he would not have believed it. In the end it´s still true that a smile is more effective than a slap and that with a little sweetness is achieved more than with a ruthless hardness.

Sometimes it´s better to think like the enemy to know how to attract him than to think about catching him. This premise easily adapts to any area, such as the cybersecurity industry. In the interview of the week we meet Matthew Wilson, co-founder of Penten, a cybersecurity project on innovation, mobile security and "cyber" technologies. This technology, also called "cyber deception", is an emerging category of cyber-defense that consists of detecting, analyzing and defending networks against the most advanced attacks in real time.

Introducing the opportunity it´s necessary to know the point of view on the situation of the cybersecurity of a creator of companies based on the latest tendencies of the sector as it´s Matthew Wilson. As for cybersecurity, Wilson says: "The great challenge of cyber-defense is that whoever attacks only needs a point of attack and succeed, while at the time of defense we have to take into account the entire surface of attack." Despite this inequality, he believes that today we have an advanced technology that allows us to see what is happening in our network in real time. But these advanced technologies have a problem: "The trick is to have the ability to navigate through the millions of daily attacks and decide which is worth investigating. In all recent attacks, the information was there waiting to be identified, but it was placed in the back of pending security operations. "

For many, the term cyber-deception or cyber-deception is new and doubts about its operation may arise, Wilson explains: "It´s the simple creation of a network of assets or data whose purpose is to deceive and trap the intruder. Honeypots are a type of cyberdeceptions that have been used for a long time, consist of data environments that contain non-real information. This kind of defense is very useful because it not only manage to catch the intruder but also to see how they act. Thanks to this you can trace your strategies, techniques and know what you are looking for." But not all that glitters is gold and, despite being a good resource, it has its drawbacks: "Honeypots need a high knowledge in computer resources to be effectively marketed. They have to be developed in a 'cloud environment' different from the company and it takes people very prepared to build, update and manage the environment. Many companies don´t have these resources. "

A major problem in the cybersecurity sector is the lack of talent and this is also applicable to Australia, where Matthew Wilson resides and where his company is located, but also believes that time is necessary for the talent fitting the demand: "We have to remember that it´s an area that has grown very quickly in a very short time. The talent gap is real but universities have responded and it´s exciting to see the emergence of new branches specialized in cybersecurity". But Wilson supports the theory that in addition to knowledge other skills are needed: "One thing that needs to be understood is that the "cyber" is not only technical. We recognize the need to attract people from other sectors because we need professionals with excellent communicative skills and understanding of psychology. "

Looking beyond the present, Wilson has one thing very clear about the challenges that the cybersecurity sector will face: quantum computers: "Encryption now focuses on the basic principle of prime numbers, which are very easy to calculate in one direction and very difficult to calculate in the opposite. The computational capacities of quantum computers break this barrier of difficulty. At this very moment we are looking for ways to make current encryption technology more resilient against quantum computing through the application of random number generation. "

Matthew Wilson is clear about what the current problems are and what are the issues coming. Nowadays, one of the objectives of the cybersecurity sector is to advance faster than cybercriminals and get ahead of its moves, cyber-deception technologies allows for anticipation giving a respite to all those pessimistic criticisms about the current situation. So the next strategy is implemented: catch the bee before it bites.


Post a Comment