Despite numerous, well-publicized data breaches caused by intentional misuse, as well as inadvertent leaks of sensitive data by insiders, enterprise spending on insider threats continues to lag behind spending on external threats such as hackers and malware. The traditional approach of maintaining siloed network security and endpoint security implementations hardly makes a difference, because an insider already holds legitimate credentials and network access and is invisible to controls that watch the perimeter.
According to a Forrester Research survey of nearly 700 North American and European small and mid-size business decision makers, 36% of those companies are looking to either adopt or invest in underlying technologies that include database activity monitoring and tools for auditing and vulnerability assessments – key technologies in mitigating insider threats. (See CRN.com’s most current countdown of the “Top 5 Technologies That Detect Insider Threats.”)
Late last month, the President’s Council of Advisors on Science and Technology (PCAST) delivered a report to the President, titled Immediate Opportunities for Strengthening the Nation’s Cybersecurity.
PCAST is a pretty heady group of mostly senior and well-respected academics, but it also includes people like Eric Schmidt, Google’s Executive Chairman, and Craig Mundie of Microsoft.
Even the Plain Old Telephone Service (POTS… yes, that’s the industry term) is more user-friendly when it comes to identifying accounts than the web. For example, today I called Time Warner Cable to cancel a service appointment. I always know to call them from my home phone, because that phone is known to them. The machine on the other end identifies my caller ID, confirms my account, and off we go.
It seems there is no end to the use of trusted computing capabilities to strengthen well-known security applications and protocols. Followers of this blog are more than likely familiar with the many use cases for Trusted Platform Modules (TPMs), notably improving the security of many PKI-based, high-use applications such as 802.1X, virtual private networks (VPNs), virtual smart cards, and more. The simple act of replacing a software certificate’s private key with a hardware-based, TPM-protected key improves security immensely: a key generated inside the TPM and marked non-migratable cannot be copied off the machine, so malware that steals the certificate file or dumps the user’s key store still cannot impersonate that machine or user.
One session at the Trusted Computing Conference in Orlando, Florida, in September further expanded my horizons. The Naval Research Lab’s Olga Chen presented her work on improving trust and authentication in Kerberos, a network authentication protocol. Kerberos is designed to provide strong authentication for client/server applications by using secret-key cryptography: a Key Distribution Center (KDC) shares a long-term key with every principal, issues a ticket-granting ticket to a client that can decrypt its reply, and from then on the client proves itself to each service with a ticket and a freshly encrypted authenticator rather than with a password.
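To make the Kerberos flow concrete, the following is an added example written for this page; it is not code from the original post, from the Naval Research Lab, or from any Kerberos implementation. It walks one client through the three exchanges (AS, TGS, AP) with a single in-process KDC. Everything is an assumption for illustration: the principal names, the realm, the JSON message layout, and above all the `seal`/`unseal` routines, which are a toy authenticated-encryption construction (SHA-256 keystream plus HMAC tag) standing in for real Kerberos encryption types and must not be used for anything but this demonstration.

```python
"""Simplified Kerberos-style AS/TGS/AP exchange with stdlib-only toy crypto (illustration only)."""
import hashlib
import hmac
import json
import os
import time

REALM = "EXAMPLE.COM"                 # assumed realm
MAX_SKEW = 300                        # seconds; Kerberos rejects authenticators outside this window
TICKET_LIFETIME = 8 * 3600            # seconds


def string_to_key(password: str, principal: str) -> bytes:
    """Toy stand-in for Kerberos string2key: derive a long-term key from a password and a salt."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), (REALM + principal).encode(), 10_000)


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out = b""
    for counter in range((length + 31) // 32):
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
    return out[:length]


def seal(key: bytes, fields: dict) -> bytes:
    """Toy authenticated encryption (hash keystream XOR + HMAC). NOT a real cipher."""
    pt = json.dumps(fields, sort_keys=True).encode()
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key: bytes, blob: bytes) -> dict:
    """Verify the tag first, then decrypt. A wrong key or a tampered ticket fails here."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("integrity check failed: wrong key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))))


def check_authenticator(ticket: dict, authenticator: bytes) -> str:
    """Used by both the KDC (TGS) and the application server (AP): the caller must prove it
    knows the session key inside the ticket by encrypting a fresh timestamp under it."""
    now = int(time.time())
    if now > ticket["exp"]:
        raise ValueError("ticket expired")
    auth = unseal(bytes.fromhex(ticket["sk"]), authenticator)
    if auth["client"] != ticket["client"] or abs(now - auth["ts"]) > MAX_SKEW:
        raise ValueError("authenticator does not match ticket")
    return ticket["client"]


class KDC:
    """Holds every principal's long-term key; never sees a password on the wire."""

    def __init__(self, principals: dict):
        self.keys = dict(principals)
        self.tgs = "krbtgt/" + REALM
        self.keys[self.tgs] = os.urandom(32)          # key that protects ticket-granting tickets

    def _issue(self, ticket_key, enc_key, client, service, nonce):
        sk, exp = os.urandom(32).hex(), int(time.time()) + TICKET_LIFETIME
        ticket = seal(ticket_key, {"client": client, "service": service, "sk": sk, "exp": exp})
        enc_part = seal(enc_key, {"sk": sk, "nonce": nonce, "service": service, "exp": exp})
        return ticket, enc_part

    def as_exchange(self, client, nonce):
        """AS-REQ -> AS-REP: anyone may ask; only the holder of the client's key can read enc_part."""
        return self._issue(self.keys[self.tgs], self.keys[client], client, self.tgs, nonce)

    def tgs_exchange(self, tgt, authenticator, service, nonce):
        """TGS-REQ -> TGS-REP: client proves possession of the TGT session key, gets a service ticket."""
        t = unseal(self.keys[self.tgs], tgt)
        check_authenticator(t, authenticator)
        return self._issue(self.keys[service], bytes.fromhex(t["sk"]), t["client"], service, nonce)


class Service:
    def __init__(self, name, key):
        self.name, self.key = name, key

    def ap_exchange(self, ticket, authenticator) -> str:
        """AP-REQ: decrypt the ticket with our own key and validate the authenticator."""
        t = unseal(self.key, ticket)
        if t["service"] != self.name:
            raise ValueError("ticket was issued for a different service")
        return check_authenticator(t, authenticator)


def client_login(kdc, service, client, password) -> str:
    key = string_to_key(password, client)
    nonce = os.urandom(8).hex()
    tgt, enc = kdc.as_exchange(client, nonce)
    rep = unseal(key, enc)                       # wrong password -> cannot read the reply
    if rep["nonce"] != nonce:
        raise ValueError("AS-REP nonce mismatch (replay?)")
    tgt_sk = bytes.fromhex(rep["sk"])
    nonce2 = os.urandom(8).hex()
    st, enc2 = kdc.tgs_exchange(tgt, seal(tgt_sk, {"client": client, "ts": int(time.time())}),
                                service.name, nonce2)
    rep2 = unseal(tgt_sk, enc2)
    if rep2["nonce"] != nonce2:
        raise ValueError("TGS-REP nonce mismatch (replay?)")
    svc_sk = bytes.fromhex(rep2["sk"])
    return service.ap_exchange(st, seal(svc_sk, {"client": client, "ts": int(time.time())}))


# Constructed sample realm: one user, one service (assumed names and password).
SERVICE_NAME = "host/fileserver.example.com"
SERVICE_KEY = os.urandom(32)
KDC_DB = KDC({"alice": string_to_key("correct horse battery staple", "alice"),
              SERVICE_NAME: SERVICE_KEY})
FILESERVER = Service(SERVICE_NAME, SERVICE_KEY)


def demo(password: str) -> str:
    """Returns the principal the file server authenticated, or raises ValueError."""
    return client_login(KDC_DB, FILESERVER, "alice", password)


if __name__ == "__main__":
    print(demo("correct horse battery staple"))
```

Note where the password is used: only locally, to derive the key that unseals the AS reply. The KDC and the file server never receive it, which is the property the blurb's "secret-key cryptography" buys; the weak link that remains is the client's long-term key on disk (or the keytab on the server), which is exactly what binding those keys to a TPM is meant to harden.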
Last week another milestone on the path to reduce or eliminate usernames and passwords was achieved. The NSTIC (National Strategy for Trusted Identities in Cyberspace) program office announced that five additional pilots have been awarded for the next fiscal year. Wave will proudly participate in two of those pilots, PRIVO (Privacy Vaults Online) and TSCP (Transglobal Secure Collaboration Program), and perhaps more over time. As you may recall, several years ago the White House announced a plan to eliminate a serious challenge with the internet: usernames and passwords. It established a small program office, the NSTIC PMO, within NIST (part of the Department of Commerce) to accelerate the development of alternatives.