Power Of Nature To Enhance Internet Security

Nature has provided insights for engineers for years, inspiring technical solutions to challenges that replicate the elegant perfection of approaches that work in the natural world. 

The next generation of cybersecurity is being enabled by the quantum nature of the universe itself.

Solutions inspired by nature are being applied to diverse fields including energy production, medicine and healthcare, architecture, food production, transportation and manufacturing. (image: quantum phase diagram is the Hofstadter butterfly)

Nature is now providing engineers with the missing link that can help with the most vexing challenge of our age: enabling both security and functionality in our interconnected IT systems. 

Next generation cybersecurity is needed right now. Cyberattacks are increasing across multiple industries and every level of government. Over the last decade, attacks have been directed against governments, academia, financial institutions, businesses in every sector, and even individuals and their homes. 

In Europe, attacks have damaged the energy sector, and many believe more onslaughts against critical infrastructure and services are in our future. Attacks can even impact the safety of our cars, as hackers have shown they can successfully take over systems embedded in vehicles, and entire airports have been shut down by assaults against the aviation industry. 

Attacks in the healthcare sector have violated the privacy of hundreds of millions of patients and have disrupted hospital and emergency care. Attacks have also been conducted against political campaigns as far back as 2008. The escalation of these attacks in 2016 is raising fears that cyberattacks against electoral systems will threaten democracy itself.

All indications are that these assaults will continue. Adversaries, including cyber criminals, states seeking national security information, hackers seeking glory, and hacktivists pushing causes, have all come to realise the value of successful cyberattacks, and they show no sign of stopping. 

Defenders need to leverage security solutions that increase the amount of effort required by criminals while ensuring the freedom of action and functionality in our protected systems.  Current approaches are all variants of a security theme from the 1990’s called “Defense in Depth,” where security is layered on at every point in the IT stack. 

Security solutions are run on end devices, in networks, on servers, in the cloud and everywhere in between. This approach mitigates risk when properly engineered and overseen, but it is always expensive. Defense in depth has become expense in depth.  And still, adversaries find ways to get in.

Besides expense, today’s defense in depth faces several technological challenges. Engineers in academia, industry and government have designed approaches to address these challenges, including mechanisms like Hardware Security Modules (HSMs) to safeguard and manage security keys for authentication and conduct encryption and decryption. 

Until now, the state of art of HSM devices kept them out of reach of most businesses. Now, breakthroughs in innovation based on quantum effects, advances in key and policy management techniques are being coupled with HSM devices, turning them into more powerful tools capable of generating, managing, and safeguarding large numbers of the most secure encryption keys possible.

All encryption keys require random numbers. The most sophisticated random number generation algorithm that can possibly be created by humans using conventional computers will still only generate pseudo-random numbers. Pseudo-random algorithms are mathematically predictable.      

The one place where nature appears the most random is in a special quantum effect observable by specialized equipment. At a quantum level, sometimes matter just appears. Then it disappears almost as fast as it appeared.  It does this in ways no one can predict, and can be utilized to generate truly random numbers. By building solutions based on a foundation of truly random numbers for key generation, new levels of trust and security can be engineered into our systems.

Quantum effects are being leveraged to generate random numbers at high rates and in ways that make guessing keys impossible, removing an important attack avenue for cyber criminals. Until this quantum effect was used, every other accepted method was not truly random, or was too slow to deliver the security really needed. 

CTOVision:            IBM breakthrough in Quantum Computing:
 

 

« Snowden Loses In Norway
AI Beating Humans? Not In My lifetime, Says Google Chief »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Yubico

Yubico

Yubico sets new global standards for simple and secure access to computers, mobile devices, servers, and internet accounts.

Ionic Security

Ionic Security

Ionic provide a high-assurance data protection and control platform built on strong encryption, fine-grain control and contextual analytics.

National Cybersecurity and Communications Integration Center (NCCIC)

National Cybersecurity and Communications Integration Center (NCCIC)

NCCIC is a cyber situational awareness, incident response, and management center for the US Government, intelligence community, and law enforcement.

Crossmatch

Crossmatch

Crossmatch is a world leader in risk-based composite authentication and biometric identity management.

GreatHorn

GreatHorn

GreatHorn offers the only cloud-native security platform that stops targeted social engineering and phishing attacks on communication tools like O365, G Suite, and Slack.

Niksun

Niksun

Niksun's forensics-based cyber security and network performance monitoring products provide customers with actionable insight into security threats, performance issues, and compliance risks.

Lithuanian National Accreditation Bureau

Lithuanian National Accreditation Bureau

Lithuanian National Accreditation Bureau is the national accreditation body for Lithuania. The directory of members provides details of organisations offering certification services for ISO 27001.

The Security Company (TSC)

The Security Company (TSC)

The Security Company is a leading provider of creative employee security awareness programmes.

CyberEdBoard

CyberEdBoard

CyberEdBoard is a private, peer-to-peer education and networking community focused on cybersecurity, technology, business processes and risk management.

Flexxon

Flexxon

Flexxon is the industry leader to develop NAND flash storage devices. Our key focus is to innovate memory devices ensuring data security and reliability.

Security Awareness Special Interest Group (SASIG)

Security Awareness Special Interest Group (SASIG)

The Security Awareness Special Interest Group (SASIG) addresses the human aspects of security and fraud prevention in an initiative to improve trust and confidence in the online environment.

Walacor

Walacor

Walacor’s secure data platform represents the next generation of secure data and blockchain storage with a trust-first approach that revolutionizes enterprise data, and database management systems.

Vernetzen

Vernetzen

Vernetzen is an industrial network and cybersecurity innovator focused on delivering practical solutions to connect and secure industry across the globe.

Sonar

Sonar

AI generated or written by humans, Sonar’s Clean Code Solutions cover your code quality needs, improving code reliability, maintainability, and security.

M7 Services

M7 Services

M7 Services are a comprehensive Managed Services Provider (MSP) with a focus on delivering cutting-edge information technology solutions and unparalleled customer service.

Nordic Defender

Nordic Defender

Nordic Defender is the first crowd-powered modern cybersecurity solution provider in the Nordic region.