The State of Cyber Security – 2017

As surely as the sun rising in the east, the state of cyber security can be assessed as perilous. As we march into this frightening new world of “alternative facts”, I believe it is time to present a factual assessment of the state of cyber security. My hope is that science and fact become the basis for decision-making and that this information becomes part of a baseline of understanding.

The first step to addressing the cyber crisis is to agree on a set of facts. Until something more than “there is a cyber crisis” can be agreed upon, there will be no solution. The source of the cyber crisis can be addressed by fixing basic technical mistakes; the science DOES exist and that capability has been proven.

So, if there is a proven system and methodology that can scientifically improve every organization’s cyber security and there is math to support the claim: why is the cyber world so perilous? Simply, the tech industry’s decade-old set of alternative facts stand in the way.

The tech industry must accept that science and opinion are not equal. The alternate universe of opinion-based decision-making is a major part of the current cyber crisis. I have watched for 10 years, first in shock and then in horror, as computer scientists ignored basic logic! What is worse is the neglected analysis and the rejection of the facts presented by one that did conduct the analysis.

 “Creativity is just connecting things. When you ask creative people how they did something, they feel a little guilty because they didn’t really do it, they just saw something. It seemed obvious to them after a while. That’s because they were able to connect experiences they’ve had and synthesize new things.” – Steve Jobs

As a starting point can we agree on a few things?

  • Information technology is computer science
  • Computer science is built on mathematics
  • Mathematics requires logic
  • Logic requires underlying FACT

If the Tech industry cannot agree with this common starting point, the state of cyber security will only get worse! From this starting point there are facts that also must be accepted:

  • The World Wide Web (WWW) is a set of cables, switches, routers and termination points (equipment)
  • Browsers provide a method to navigate the WWW from one termination point to another.
  • Browsers are not the only method capable of WWW navigation.
  • Websites morphed from the original intent, yet the access model remained the same
  • . . . . First education (the free and open exchange of data)
  • . . . . Then marketing (people are on the Internet, let’s show our products)
  • . . . . Then Retail (potential customers are on the website, capture a sale)
  • . . . . Secure Portals came to Websites because people were there
  • . . . . . . . . Remote employee access
  • . . . . . . . . Legal communications
  • . . . . . . . . Financial transactions
  • . . . . . . . . Medical records
  • . . . . . . . . Etc.

Everything accessed via a browser even though the content had changed … substantially!

I believe these FACTS suffice as a reasonable starting point to understand how the cyber world became so perilous. Occam’s Razor: “No more assumptions should be made than are necessary.” This is the least amount of information necessary to find a solution.

There are alternative facts that the tech industry must address to achieve any level of real cyber security. Understanding all the false facts would take a book to explain because of mistakes layered upon mistakes compounding the initial mistake. Every advancement along a false path of mistakes compounded the initial error.

Think of it as driving down a country road. At every fork your destination is to the right. The moment a left fork is taken, every subsequent turn is wrong. If the branches don’t intersect, the only solution is to go back to the first left turn and correct the mistake by going RIGHT! The first left turn in the cyber world was granting public access to secure portals.

I have published over 50 articles on a solution to the cyber crisis. The only thing that is necessary to correct the problem is addressing the human factor. How much damage does it take for a human to admit they made a mistake? The cyber security industry and public access are like an addict on heroin.

How long will it take to admit that there is a problem with the secure access methodology? An average of 127 records breached per second in 2016 should be enough for the addicts of public access to admit they have a problem!

When failure is no longer acceptable, Active Access Control (Physical-Presence-on-the-Internet) technology stands ready to deliver quantifiable results. If there is no maths, there is no improvement. Ask your vendor for their improvement matrix.

Cyber Safety Harbor, Your port in the cyber storm

 

Browse

Article by channel:

Read more articles tagged: Cyber Security, Featured, Hacking

Cyber Security