THE BALBIX BLOG

Musings on predictive cyber risk and resilience.

 

Today's Weather and the Evolution of Cybersecurity

In today’s world, we take for granted the ability to pull out our smartphone and get a reasonably accurate 7-10 day forecast for anywhere in the world, but this hasn’t always been the case. 

Way back in 340 BC, the Greek philosopher Aristotle published Meteorologica, a gripping, four-volume page turner that covered his thoughts and observations on all things weather-related: rain, clouds, thunder and lightning, etc. In some cases, he was remarkably accurate; in others, he was way off the mark. Despite this early study, very little progress on forecasting was made for a couple of thousand years.

By 1854, attempts at weather forecasting were comical at best. In addition to simple observations of the sky, animals were thought to be good predictors of the weather, most notably, the common tree frog. Someone had observed that tree frogs would climb higher up plants to catch insects that flew higher in warm weather. So, one common way to forecast the weather was to keep a frog in a glass jar with a ladder. If the frog climbed up the ladder, break out the swimsuits! This practice was so common that to this day, weather forecasters in Germany are known as Wetterfrosch (weather frogs).

I know. Enough about the frogs already!

In 1854, British Admiral Robert FitzRoy founded the Meteorological Department of the Board of Trade, inventing the first non-frog daily weather prediction that he called a “forecast.” Driven to provide forewarning of life-threatening storms to British sailors, FitzRoy capitalized on the rapidly growing telegraph network, along with primitive instruments in strategic locations, to collect and distribute forecasts. By 1860, Fitz had gone viral, with his popular, sometimes accurate, 48-hour weather forecasts syndicated nationally.

Today’s forecasts have advanced considerably. No longer relying on simple barometers, thermometers, and telegraphs, the 7+ day forecasts we enjoy today have become considerably more accurate by leveraging radar, satellites, radiosondes, and some of the most powerful supercomputers on the planet. In fact, the National Oceanic and Atmospheric Administration (NOAA) uses a supercomputer system with 5.78 petaflops (in case you’re unsure, 1 petaflop is 1,000 teraflops) of compute, or quadrillions of calculations per second. These forecasts are then fine-tuned by trained meteorologists.

Cybersecurity has followed a remarkably similar evolution, though compressed into decades instead of millennia. 

The very first virus, Creeper, predated the Internet (1971), and was simple and benign.

Over time, attacks became more and more sophisticated, accelerated by the adversarial shift from notoriety to profit motive and activism.

In the early days of security, simple attacks and simple networks meant that simple tools could help prevent attacks. Signature-based antivirus and stateful firewalls administered by IT were sufficient.

With increasingly sophisticated attacks came more and more detection and prevention tools, such as vulnerability management, and the rise of the dedicated information security team. Security analysts leveraged knowledge and intuition to fend off attacks.

At some point, however, it became clear that these teams were fighting a losing battle. Despite more investment, more training, and more headcount, major breaches became almost a daily headline. 

So what happened? 

Digital transformation has meant an explosion in the number of connected assets on an enterprise network. At the same time, the attacker now has hundreds of different attack vectors at their disposal. To protect all of those assets from all of those attack vectors means understanding and eliminating millions or billions of points of risk, continuously.

No team of humans relying on training and intuition can successfully take on this challenge.

Today’s teams must evolve to leverage the cybersecurity equivalent of radar, satellites, and supercomputers. Tools must be the starting point for improving cyber resilience, surfacing context and relevance from billions of data points, with infosec analysts harnessing these tools to effectively eliminate risk. 

The alternative? Frogs climbing ladders.
