By Duncan Greatwood, CEO, Xage Security
Cybersecurity solutions are often thought of as a single-issue solution: protecting companies from dangerous or costly hacks, or detecting hacks after they’ve already happened, when it may be too late. But in an era when our essential industries are continuing to digitize, organizations need to approach cybersecurity as a foundational element of innovation. Security must evolve to enable efficient data sharing, across the company, location, and network zone boundaries.
As we shift into an era of increased remote work, cyber risk is changing. Companies are becoming more and more co-dependent, working together to make entire industries better — think of the logistics companies powering retailers, sharing data from suppliers to customers to improve operational timeliness. Collaboration is essential, and remote work has accelerated the need for flexible digital collaboration.
Companies rely on secure third-party communication and cross-organization collaboration to develop new, more impactful, and efficient ways of working.
Keep Private Information In, Safely Share Data Out
Companies must be able to secure access – letting individuals have access to only what they need, for the time that they need it – with extremely granular control. As opposed to relying solely on broadly-defined trust zones, like traditional security solutions, a zero-trust cybersecurity approach is essential for today’s IT and OT environments. A zero-trust approach means that access is never assumed or granted purely on the basis of zone access. Instead, the policy is to constantly and consistently ensure that an individual employee or a single device has the correct authorizations before they are granted access to a system.
It is enforcing security at the edge, particularly for industrial operations, that enables organizations to protect individual devices where they are, with remote oversight. As a result, threats can be blocked at their source, protecting the entire, often critical, operation––rather than allowing one hack to decimate an entire connected system and cause widespread damage.
While zero-trust is essential for access, it’s also an important aspect of securing traversal or data throughout systems – whether within a company’s own systems or sharing with important partners and customers. In this way, the same approach necessary to keep devices and data safe within a system can also be used to facilitate secure data transfer, improving operations, efficiency, and collaboration with partners, suppliers, and customers.
Data is the Driver
Data is the key driver in business today. Without secure data sharing, operators risk missing out on crucial and timely learnings from combining partner data––such as seismic information that can help ensure the safety of oil & gas rig operators, or grid stability data for utility operators. Without the right mechanisms in place, it’s extremely time-consuming and costly to combine, process, and share data, meaning you can’t get real-time data or live learnings and thus lose the ability to make important changes that can improve operations in real-time.
Being able to securely share data is a huge step towards more efficient remote operations. But in order to do so, we need to ensure that all data maintain authenticity, integrity, and privacy. The best way to achieve this trifecta is by taking a zero-trust approach to in-field protection so that data integrity can be checked and proofed at all stages of data transfer. Data should be secured down to a granular level, noting and immutably logging important factors like location and time of generation. This approach allows the data’s producer to define who can subsequently access the data and enables the data’s consumer to verify the data’s integrity in their application.
Decentralized Security in Space
At Xage, we were recently awarded a grant by the US Space Force (USSF), to prepare end-to-end access and data protection for USSF assets. For an organization itself designed to protect US interests and assets in space, holistic security is paramount.
This work emphasizes the importance of decentralized security enforcement for decentralized systems: limiting single points of access, securing devices at the edge, and detecting attempted hacks that could have a devastating impact if they gained traction or access to other devices.
Further, the Space Force requires a solution that provides universal protection. Like many other organizations, the Space Force relies on devices of various generations, from various suppliers, in various locations, of varying levels of security. Accordingly, organizations like the USSF need solutions that work for all assets – whether space-based or on the ground, enforcing granular access and data control in real-time – to enable the creation of “systems of systems” each of which can act autonomously and in concert as needed.
Remote Work Is Here to Stay
Essential systems were already digitizing pre-pandemic, but with the shift to remote work, as well as the digital and innovation pressure brought on by broader COVID-19 economic changes, we will continue to see increased cyber risk in essential industries. As we determine how to best move forward with securing them, we need to focus on solutions that truly match the systems they’re designed to protect: adaptable, universal, and designed for the high-volume data sharing required for operational innovation.
About the Author
Duncan Greatwood is Xage Security’s, Chief Executive Officer. Most recently, he was an executive at Apple, helping to lead a number of Apple’s search-technology projects and products. Prior to Apple, Duncan was CEO of Topsy Labs, the leader in social media search and analytics acquired by Apple in 2013. Prior to Topsy, he was founder and CEO of PostPath Inc., the email, collaboration, and security company acquired by Cisco in 2008. Previously, Duncan held Vice President roles in Marketing, Corporate Development and Sales at Virata/GlobespanVirata/Conexant, as well as earlier engineering and product marketing positions at Madge Networks. Duncan brings a blend of sales, marketing, operations, technology, and human experience to the task of driving growth at Xage. Duncan holds a B.A. (Mathematics) and M.Sc. (Computer Science) from Oxford University and an M.B.A. from London Business School. Duncan can be reached online via www.xage.com.