Why is Cybersecurity so hard?

The first six months of 2017 has already seen an inordinate number of cybersecurity meltdowns. And they weren’t just your standard corporate breaches. It’s only July, and already there’s been viral, state-sponsored ransomware, leaks of spy tools from US intelligence agencies, and full-on campaign hacking. And that’s just the beginning.

Cybersecurity is the body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access. In a computing context, security includes both cybersecurity and physical security. [TechTarget] What makes it hard is:

Rapid Advancement

As software and technology is enhancing on one end, so is the world of cybersecurity and hacking. Hackers come up with new ways everyday and in some aspects the lack of jobs in this field affects companies and governments to be ready for such attacks. Cybersecurity is quickly and constantly evolving nature of security risks and its turning out to be hard to protect yourself from it.

Lack of Cybersecurity law

Related imageAnother place where companies and governments haven’t caught up with are laws, policies and regulations in the field of cybersecurity. The laws for the virtual world are different than that of the physical world and so one of the main issues that arises from the same is cross border control which has profound implications on security. For example, in the physical world, we assign the federal government the task of border security. But given the physics of cyberspace, everyone’s network is at the border. If everyone lives and works right on the border, how can we assign border security solely to the federal government? [HBR.org] Cybersecurity is relatively new, around 25 years and thus we don’t yet have clear answers to key questions:

  • What is the right division of responsibility between governments and the private sector in terms of defense?
  • What standard of care should we expect companies to exercise in handling our data?
  • How should regulators approach cybersecurity in their industries?
  • What actions are acceptable for governments, companies, and individuals to take and which actions are not?
  • Who is responsible for software flaws?
  • How do we hold individuals and organizations accountable across international boundaries?

Some answers are beginning to emerge but will take time to be implemented across borders in different countries around the world

Technology

Recently, NSA had a breach and as a result had some of its “Hacking tools” stolen. This amongst other technology breaches has given the hackers an upper hand. As briefly mentioned before, with advancing technology the hackers also advance their skills and methods and these, are sometimes not known to others apart from themselves. This makes it a challenging task for companies and government agencies like NSA and Kaspersky to try and find rapid solution or fixes to those hacks. A recent example would be the barrage of ransomware attacks around the globe. They were so sophisticated that PC’s ranging from the power grid stations to the household were affected and it took some time for certain companies to release patches for a potential fix of the problem.

With that being said, there is a lot of work to be done for enhancing defense and curtailing cybersecurity. From Laws and regulations to increasing staff in the field there seems to be an overall shortage in certain areas of cybersecurity. In the future, hopefully, if we develop solutions that address the reasons why cybersecurity is a hard problem, then we shall make progress. Until then be safe on the virtual world, the internet.


References

  1. https://hbr.org/2017/05/why-is-cybersecurity-so-hard
  2. http://whatis.techtarget.com/definition/cybersecurity
  3. https://www.cyberscoop.com/nsa-hacking-tools-shadow-brokers-dark-web-microsoft-smb/
  4. https://www.sciencedaily.com/releases/2016/03/160321110254.htm
  5. http://www.slate.com/articles/technology/future_tense/2017/02/cybersecurity_self_defense_how_to_increase_security_on_your_smartphone.html
  6. https://www.wired.com/story/2017-biggest-hacks-so-far/
0

2 comments on “Why is Cybersecurity so hard?”

  1. Hey Saran,
    Very interesting article on cyber security and it’s challenges. I feel that cyber security automation the key to the future and to solving these challenges safety problems. Automation shifts the burden of the volume of alerts and allows technology to evolve and do the heavy lifting. Also, using automation technology to thwart new and upcoming attacks would be more efficient and we will be able to combat these advances persistent threats in a better way.
    I agree that the laws towards cyber security are not caught up with this field and they will soon have to come up with better laws to practice cross border control and security.

    References :
    https://ayehu.com/top-cybersecurity-challenges-automation-key/
    http://www.cbronline.com/news/cybersecurity/automation-key-future-cyber-security/

    1+

    Users who have LIKED this comment:

    • avatar
  2. Interesting perspective Saran! The part on cybersecurity laws is very well written. The white collar hackers who aim to spot flaws have to abide by rules and regulations. Whereas the hackers that intend to cause harm do anything and everything possible. What are your views on this? Do you think governments and corporate firms need to give more leeway to hackers to purposely find a way to break in?

    0

Comments are closed.