Humans are another hurdle
To complicate matters, security is more than just a technology problem. It’s also a personnel
problem. A recent CompTIA survey concluded that human error is the largest factor behind security
breaches. Most firewalls require between 100 and 1,000 entries for configuration, and each
entry is an opportunity to introduce an error. As more and more devices come online and the
demand for security increases by one or two orders of magnitude, there will simply not be
enough people to do the job, and existing practices will fail to keep up.
Albert Einstein famously said, “We cannot solve our problems with the same level of thinking
that created them.” If the root cause of Internet insecurity is the reliance on a trust-based model
that is inherently insecure and can’t be properly managed, how do we fix it? Ideally, we’d design
a new, secure Internet that isn’t based on TCP/IP, but it’s too late for that. The TCP/IP ship has
sailed, and we’re all onboard. But make no mistake: we absolutely need a fundamental change
in our approach to security.
Redefining trust
We can fix the problems associated with IP communications by shifting the model from IP
address routing to a system based on trust between cryptographic identities. At Tempered
Networks, we are building the foundational elements of a secure Internet and are doing this by
inserting a cryptographic identity into the communications stack: the Host Identity. This on its
own only gets us so far. Orchestrating trust, at scale, between these identities is where it gets
interesting. We must do this today to ensure business-critical infrastructure, data, systems, and
other high-value assets are safe. The smart approach is to be secure by default, rather than
relying on bolted-on components to become secure.
Our products are the foundational components in a defense-in-depth security architecture to
provide hardened, resilient networks. Tempered Networks facilitates the provisioning and
management of secure, private overlay networks over any existing network—even third-party
networks. Each secure overlay network can be delegated to different users, while the
governance of the entire solution is centralized and retained by the administrator. Effectively, it
enables enterprise IT to easily deliver “Private Overlay Networks as a Service”.
Elasticity through orchestration
Solving the issue of management complexity is the second critical piece of this new approach.
Trust is critical, but only “automated trust” will provide the elasticity that makes it possible to
configure all of these new trust relationships. The exponential growth of devices, systems, and
applications converging onto IP-based networks, triggered by the Industrial Internet of Things,
creates a daunting challenge for CISOs and CIOs. Effective use of all this metadata, however,
can also create huge opportunities through greater business agility.
Cyber Warnings E-Magazine – May 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide