The impossibility of “getting ahead” in cyber defense

The pursuit of a “secure” state through advanced defensive capabilities and resources is ultimately futile, as cyber attackers will always have an advantage due to their singular focus on disrupting systems. Instead, cybersecurity professionals should focus on dissuasion and resilience in the face of inevitable attacks.

Several reasons make it impossible to truly “get ahead” of attackers:

1. The nature of defense: Cybercriminals have only one aim, to disrupt systems, while defenders must secure and manage entire complex technology stacks.
2. Technology evolution: Defenders are always reacting to new vulnerabilities, making it an inherently reactive model.
3. Limited resources and trade-offs: Risk management involves reducing risk through various means, leaving some residual risk.
4. Human limitations: People remain the biggest security liability due to social engineering, human error, and insider threats.

A future-oriented approach is to focus on building systems that are inherently more likely to keep functioning when compromised, reducing reliance on a sense-and-respond model. This can be achieved by:

* Building redundant systems for critical functions
* Integrating security into software development cycles (DevSecOps)
* Deploying IT systems following principles of resilience

In the context of AI and robotics, designing machines with built-in resilience involves:

* Retaining human control and ability to quickly regain control if necessary
* Implementing independent, redundant systems for critical infrastructure
* Designing layers of fail-safes to ensure overall system performance in the face of component failure or unknown risks
