A simple Get to know me section on Instagram or TikTok poses a serious security risk as it aligns with common security questions used…
There has never been a more dangerous time to be online: there are threats from every corner and attackers are getting more sophisticated. With data hopping from device to device via the cloud, the way we do security must change.
This is the world of big data and where trust and privacy is becoming more vulnerable.
Art Coviello the Executive Chairman of RSA (the security division of EMC) believes the way security is currently tackled must change if today’s society is to survive the changing world of technology.
He argues that the security industry needs a scalable ecosystem for sharing information beyond the current industry models that leverages existing trusted relationships and big data.
Speaking to the RSA conference audience, Coviello says that today there might be an app for everything, but in 2020 there will be big data apps everywhere. He reckons that data will be attacked not just from devices but from everywhere, from the internet of things. There will be total commercialisation of social media where there will be an absence of privacy as we “give it up” for consumer loyalty.
“We are being overwhelmed by all the opportunities for attack,” he says but there is hope with the help of big data. Big data is the new frontier of the web. Although it can be argued that the amount of data that is being produced could be blamed for the new waves of attacks and breaches in privacy we see today, Coviello suggests that it can help build better security systems.
“Security is much more effective when driven intelligent data — security driven by big data. A risk-based system that uses dynamic and agile controls, intelligence to detect and respond to attacks,” says Coviello.
He reckons that adding context to the security equation makes all the difference, giving a better picture to the system that needs protecting as well as its users and attackers.
“By integrating security controls we can do more. By combining the nature of the attack and user behaviour we can provide more context and transcend the reactive methods of the past, so react better. This helps in a noisy environment making intel-driven security future proof,” says Coviello.
No matter how clever the attacker is, at some point they will have to do something out of the ordinary in order to achieve their goal, and when they make that move is when (through data) you can catch and stop them.
“Security needs to behave less like a police officer but more like a neighbourhood watch who understands the neighbour. Rather than reacting to crimes, it can prevent it,” he says.
For the security expert, there is an imbalance between piracy and security. He reckons we cannot pit security and privacy against each other — the same tech that protects user privacy can still prevent organisation privacy. Privacy and security cannot be mutually exclusive, they must align.
“We don’t want to create big brother as it will eventually kill innovation, so a balance must be found. Anonymity is the enemy of privacy — it allows people to access and misuse private data with no risk of persecution. Transparency, governance and technology strikes the balance that ensures security and privacy.”