Our Infrastructure Is Screwed

News flash, we are ripe for the picking as not one agency is our government is properly protected against cyberattacks. Whether the attacks take us to the dark ages or cost over a trillion dollars, the fact is that we are completely just waiting to be digitally destroyed.

So just throw some security in there…right?

Not. Even. Close.

The Security Reality

Outside of Bear, security lives in the systems it protects (annoying so in our mind) and that means it is dependent on those systems’ resources and capabilities in order to function.  If you discuss critical infrastructure with most vendors (maybe after a drink or two to loosen them up), the vendors will tell you that the number one issue is not protection but systems being too old, slow and/or obsolete.

This issue goes way beyond simple things like insufficient memory or slow connections.  Almost every security product on the market is an isolated stovepipe solution that may or may not talk to other stovepipes.  They fix one thing to some degree and they rely on an ecosystem of other products, updated operating systems and the like to handle everything else.  When the “everything else” is a jumbled nightmare of antiquated technology, these vendors know that adding their isolated protection will do almost nothing.

Not that they are not happy to sell you their products…

A New Security Layer

Sure Bear has built an awesome security layer and we are biased, BUT what is needed is a layer of protection that runs outside of the systems being protected.  The truth is that governments, large companies and so forth will NEVER wholesale upgrade all of their systems.  Forget the cost, there is simply too much risk as these older systems often run core software that has been stable for years, if not decades.  Any security that starts with “first upgrade all of your hardware/software” is doomed.

Instead, security should run out-of-band and it needs to support the simplest of devices in order to maintain ubiquitous coverage.  Bear actually started in the IoT for that reason – once we proved that we could effectively manage the smallest devices around, everything else became MUCH easier to handle.  By being invisible to systems and software and by running over the same lines of communication, a protective layer like Bear forgoes modernization needs.  By running out-of-band, our type of approach minimizes, if not eliminates, the need for new hardware and transforms the current “upgrade everything” nightmare into a more manageable deployment effort.

Finally, having a complete, robust and adaptable layer of security enables expansion in any direction that is required.  Unlike the stovepipes of today, a system such as Bear enables a new, dynamic transparent ecosystem.  By leveraging the core components of this new layer, other vendors can rapidly scale into this new paradigm and security can churn, evolve and overcome attacks with no unwanted business disruptions.

Doesn’t that make more sense?