Embed Size (px)
Citation preview
9/16/16, 1:09 PMData on a leash
Page 1 of 5http://fedscoop.com/data-on-a-leash
September 16, 2016
Data on a leashCommentary: If we can use digital tethers to trackgoods, pets and people, why can't we do the samewith data?
BIO
By JR ReaganOCTOBER 15, 2015 2:00 AM
Our data could have digital tethers — similar to what falconers use to train their birds, JRReagan says. (iStockphoto)
Lock the virtual door and encrypt the key: That’s been cybersecurity’schief modus operandi to date. But as law enforcers know, no lock
CYBERSECURITY
So, you've assumedcompromise. Nowwhat?
CYBERSECURITYNSA: no zero dayswere used in anyhigh profilebreaches over last24 months
HOUSE OFREPRESENTATIVES
Election systemssafe fromcyberattacks,experts believe
PRIVACY
White House callsfor updated senioragency privacypositions
RELATED ARTICLES
NEWS EVENTS TV RADIO PEOPLE SUBSCRIBE CHANGE SCOOP !"
SUBSCRIBE CONNECT WITH US
9/16/16, 1:09 PMData on a leash
Page 2 of 5http://fedscoop.com/data-on-a-leash
ever invented has been completely secure. From padlocks topasscodes, each new method of protecting our valuables only servesas a challenge to those determined to steal from us.
As breaches proliferate — a record high number in 2014, and it'sexpected to increase even more in 2015, according to digital securitycompany Gemalto's report “2014: Year of Record Breaches andIdentity Theft” — cybersecurity professionals are trying newapproaches to protecting data: adding layer upon layer of controls,for instance, like barring entry to a high-security building withmultiple doors; and segmenting data to mitigate losses should abreach occur. But what if we could tie security to the informationitself, keeping it in our control at all times?
Right now, when cybercriminals gain access to our data, it belongs tothem for good. Tracking it is an uncertain art; retrieving it isimpossible. Without our permission or even our knowledge, thehackers can use our information to make purchases, withdraw cashfrom our bank accounts, profit from our trade secrets and more. Ifsold on the “darknet,” our stolen data might be seen and used,unauthorized, all over the world.
But what if we could find out instantly where our data goes, prevent itfrom being forwarded, and even call it back to us, as though we heldit on a leash?
One of the most popular sports in ancient and medieval times wasfalconry, using birds of prey to hunt. To tether the birds duringtraining and between flights, falconers tie “jesses,” or leatherrestraints, to their legs. Once released, any birds that don’t return canbe tracked via bells or, today, radio transmitters.
Think of the possibilities if we could do the same with our data,keeping it close to us by means of digital tethers and, should it fly orbe spirited away, tracking and retrieving it with ease. We alreadyhave the means to track goods, pets and people — why notinformation, as well?
A digital trail
One of the most popular “tracking” tools, GPS, helps us find ourphones, keys, pets, destinations and more. Police use it, too, to catch
Cybersecurity Insights &Perspectives
Invincea's AnupGhosh on usingmachine learningto improvecybersecuritydetectioncapabilities
Cybersecurity Insights &Perspectives
Veracode's ChrisWysopal talksabout the impactof '90s hackerthink tank
Content from Sponsors
DHS' VincentSritapan on federalIT modernization
September 20, 2016
Leveraging YourWorkforce in theNewCommunicationsEra
September 28, 2016
Privileged User &Insider ThreatFederal 2016Ponemon SurveyFindings
October 05, 2016
VIEW ALL
TV/RADIO
EVENTS
9/16/16, 1:09 PMData on a leash
Page 3 of 5http://fedscoop.com/data-on-a-leash
thieves, such as robbers stealing oxycodone. In New York City, a drugstore heist may include a “decoy” bottle or two equipped with GPSsensors that lead law enforcement to the thieves.
How could we track our data in like manner, using GPS-liketechnology to lead us directly to the thieves who took it, and evenmapping its precise location? Surely such a system would helpcapture cybercriminals, who are, at present, notoriously difficult toidentify.
In fact, data-tracking technology is already here. Digitalwatermarking, used primarily for copyright protection and identityauthentication, is being touted by some as the next big thing ininformation security. In one data-tracking experiment,watermarking code was added to a spreadsheet containing a phonylist of names and personal identifying information. When thievesopened the spreadsheet, the code sent an alert to the list’s originators,telling them who downloaded the information, and identifying thedevice and its location.
For our eyes only
Of course, tracking alone is not always enough to keep ourinformation from being used or sold, especially if the thieves areworking beyond our country’s jurisdictional boundaries. But digitalwatermarking also may prevent unauthorized manipulation of data,a growing concern, and enable remote “wiping” of devices containingthe stolen information.
Some question the legal implications of destroying all data on adevice that someone else owns — a legitimate concern. But today’sdata-tracking ventures offer exciting possibilities for cybersecurity’sfuture. What if, a la James Bond, we could cause sensitive data to self-destruct during an unauthorized attempt to open it? Could weprogram our files so that, after a certain number of failed attempts atauthentication and/or access, they vanished from a device,”exploded” into meaningless gibberish, or, like a homing pigeon,flew back from whence they came? We are only steps away, it seems,from the ability to leash our data, putting cybercriminals in a virtualbind, as well.
When our valuables and loved ones are threatened, we tend to draw
October 05, 2016
What HackersReveal About ITVulnerabilities
VIEW ALL
9/16/16, 1:09 PMData on a leash
Page 4 of 5http://fedscoop.com/data-on-a-leash
-Explore Stories in Tech- NEWS > TECH
-In this Story-
Tech, Cybersecurity, Commentary
Stay alert to all the latest government IT news.
SIGN UP TODAY
them close, to protect them from harm. Now that our data hasbecome essential to our lives and business, what if we could do thesame against the rising threat of cybertheft? Locks are a necessaryfirst deterrent, but when they fail, chains might be in order — thevirtual kind, tying our data to our devices inextricably, and giving usunprecedented control.
JR Reagan is the global chief information security officer of Deloitte. Healso serves as professional faculty at Johns Hopkins, Cornell and Columbiauniversities. Follow him @IdeaXplorer. Read more from JR Reagan.
JOIN THE CONVERSATION
So, you'veassumedcompromise. Nowwhat?
NSA: no zero dayswere used in anyhigh profilebreaches over last24 months
Election systemssafe fromcyberattacks,experts believe
9/16/16, 1:09 PMData on a leash
Page 5 of 5http://fedscoop.com/data-on-a-leash
0 Comments FedScoop SherryJones!
Share⤤ Sort by Best
Start the discussion…
Be the first to comment.
Subscribe✉ Add Disqus to your site Add Disqus Addd Privacy%
Recommend♥
ABOUT / CONTACT LEADERSHIP TEAM EDITORIAL TEAM
CONTRIBUTE CAREERS
# $ % & ' + )
BACK TO TOP COPYRIGHT 2008-2016 FEDSCOOP. ALL RIGHTS RESERVED. ∠
