In the previous article, I talked about the notion of cybersecurity pollution control. I looked at the idea of requiring some approval process for networked devices to ensure that they're not potentially causing problems that could lead to spreading cybersecurity issues.
How can we be effective and equitable when taking on such an endeavor? There should be some kind of environmental impact study done to determine what is the true potential for bad outcomes in allowing unprotected and vulnerable network devices to exist and function within a given environment. This is interesting, because in the context of Arctic Security and our our flagship product, Arctic EWS, we see numerous security problems drifting around in the internet, leading into compromises down the line.
In the world of environmental pollution control, the process to deal with this has been systematic. Applying an iterative and practical approach, we start with the big stuff, look at the environmental impact of allowing contamination to continue, and resolve to implement changes that work.
As we became effective at managing pollution at that level, we extended it to other things, such as vehicles and consumer products. We focus more specifically on known contaminants such as lead paint, toxic food additives, and vehicle exhaust systems in each step. There are, of course, many more things, but you see what I’m saying here. While this remains challenging for systems firmly implanted in large corporate offices and industrial plants, it isn't impossible to come up with a cyber environmental impact analysis.
In cybersecurity, we can, for example, say that device management interfaces should be categorically not be allowed to be accessed from internet at large, as that leads to bad consequences time and time again. Neither should databases, and many other such services.
We can test networked devices and applications to come up with a list of known vulnerabilities, but that isn't as useful as correctly understanding the likelihood of damage, unless we can assess the exploitability of the identified issue and how it would affect those around the system or devices under consideration. Being lax with the aforementioned management interfaces is just inviting an accident.
Where things become much more complicated is in the increasingly mobile world, where systems and devices move from one environment to another on an ongoing basis, effectively changing the threat landscape from one moment to the next, almost as fast as the speed of light. That is a much more complicated problem to address. As in the physical world, pollution can drift from one area and country to another, but it can be managed with common agreements.
So perhaps we can start with an effort to do an environmental impact study on systems that run our all-important global infrastructure and develop some basic tenets of managing cybersecurity issues better. At a minimum, we should rid the world of identified major cyber pollutants and systems that are natural hosts that house and propagate known cyber pollutants.
t would certainly be an excellent place to begin.