Cyber Security vs Quarterly Profit

 

Aug 20, 2016 posted by Christopher Murphy, Founder, Visionary and Innovator Cyber Safety Harbor, USA

DOI: 10.13052/popcas008 | Read[125]

The current business environment is more focused on this quarter's P&L than the possibility of next quarter's cyber disaster. In addition, the "Channel Partner" mentality of the corporate environment exacerbates the problem. The model of consuming a company that owns a needed technology rather than just outright purchasing their product may have made financial sense in the short term, but it is a major part of the problem today.

Let's talk actual reality, not preconceived notions that are being passed off as reality. Fact is fact: an opinion does not equate to scientific fact. This delusional thinking eats away at the ability to ever perform proper analysis and erodes creativity and scientific advancement. The time has come to state the facts, clear and simple.

First, not purchasing a cyber solution because 3 years ago you invested in a "Channel Partner" with cyber security that failed or never even got deployed is no excuse. It borders on negligence, plain and simple.

On several occasions, CISOs have explained that they were required to purchase from their Channel Partners and then offered to make us a Channel Partner. They wanted to purchase our company rather than purchase our product. We consistently refused, so their cyber security with an inferior product continues to fail.

A solution that would have prevented every external breach since its creation in late 2006 is still waiting for the damage caused by a failed security model to bring enlightenment. Why is it not deployed? You be the judge.

  • The solution removes all public portals to secure data from the browser environment
  • Provides a portal that is device agnostic
  • Uses no installed software and installs no software to the local device
  • Operates in RAM and never caches any data to the local device
  • Evaporates when completed leaving no footprint.
  • Maintains an "air lock" between the access method and any device connected to the Internet


We refused to exploit the high degree of identity assurance for data mining. Unfortunately, corporate America required this revenue stream to be exploited regardless of the adverse impact on security. Any access method that provides for data mining can never be secure. A backdoor from anyone is a backdoor for everyone. Data mining provides a back door, and we refused to play.

The solution to the cyber crisis is quite simple and frighteningly obvious: accept that the Internet is not a single Browser-Dimension that we all experience as the Internet. The Internet is a series or cables, switches, routers and termination points. The Browser-Dimension is simply how we have been trained to access the Internet.

Think of it like this: the attack surface for the Internet is the size of a basketball court and cyber security has to protect it all. Now place a grain of sand on the court and this would be the size of the attack surface in a multi-dimensional access model.

The solution is to embrace a multi-dimensional Internet model where secure data is placed in its own Internet-Dimension and only known users can gain access to the dimension. In the end, doesn't security start with a known user group? There is no reason for anyone other than that group to have access to that portal. This must be at the heart of any cyber solution.

It's about time we recognize a simple fact: just as the earth is round, the Internet is multi-dimensional. Let's educate the flat-webbers like we educated the flat-earthers: knowledge is empowerment!
Comments