Understanding The Core Issue

I have often said that you need to look at the real problem in order to have a chance at finding a solution.  For example, crime in inner cities is – in my mind – due to the lack of opportunities for those people.  You cannot solve these problems through law enforcement, handouts or other such nonsense.  Rather you need to realize the core problem – a lack of proper training for this population, a strong institutional prejudice against people in this socioeconomic class, and a strong need for education on both sides.  Once you truly grasp this core issue, the solutions become remotely tenable.  In this case, it most likely starts with well-paid teachers providing highly-needed skills (cybersecurity has a few openings…) to the younger generation and then building this population up over time.  There is a lot more to this end but this post is not about solving inner city crime.

When looking at the world of cybersecurity, it is obvious to me that people are simply looking at the wrong level and the experts are looking at this new world through the lens of older enterprise security.  In the past and, indeed, in many modern traditional enterprise spaces, devices are dumb – your servers, laptops, desktops simply do not think for themselves.  They are meant to serve the needs of users, provide responses as fast as possible but always directly to a human.

The IoT is fundamentally different – it is composed of devices that are meant to be autonomous.  Within the world of the IoT, humans are optional participants in a highly interconnected world of devices that happily run with no humans in sight.  This is a fundamentally new type of ecosystem and older approaches for protecting the IoT just do not work because they all fail to acknowledge smart devices.

The Old

There are really three main buckets that classify the old (and current) approaches to online security:

  • Application
    • Application-level security is mostly about convenience and it is clearly the most prevalent
    • Think SSL/TLS, secure API access, these types of approaches
    • Every time you need to change an app, the security needs to change and, with the current exponential explosion of IoT protocols, standards, and approaches, this level is proving untenable
    • Moreover, the sheer scale of the IoT is overwhelming many of these options
  • System
    • System-level approaches – such as LDAP (Active Directory) – are focused on humans either directly or through personas mapping devices to humans
    • While the underlying premise is great, the focus is not correct in that humans are dominant and devices are slaved to humans
  • Network
    • These approaches – firewalls, intrusion detection, and so forth – attempt to use perimeters to protect internal resources
    • If the internal resources are dumb, this works fine
    • When those resources can work autonomously, they effortlessly break the perimeter, rendering this protection meaningless

Of course, you do not have to believe me – just take a look at the incredible number of security issues plaguing us today and try to explain why things are so bad…

The 4th Paradigm

For a long time, I have been trying to answer a simple question – why is Bear different?

The answer turns out to be quite simple – we focus on smart devices unlike everybody else.  With Bear, devices are equal players to humans – both are autonomous, both need Active Directory-like management and both need the same approaches to security.  It is such a simple distinction and yet such an incredibly powerful concept and, once defined, our smart device-centric approach enables us to finally start solving the real problems facing us on the cyber-battlefield.

Instead of writing extensively about these vast differences, we feel the following image provides a great summary and tells the story…