Last week at AFCEA Cyberspace Symposium in Colorado Springs, I discovered something interesting – there are a lot of unimaginative people out there when it comes to creating passwords. At least evidenced by the top 5 passwords of 2015, which were shared in the opening keynote address. For those of you wondering, they are:
- 123456
- password
- 12345
- 1234
- football – Really? Football?
While intriguing, and at the same time validating that personally, I’m doing ok when it comes to password creation, this list opened the doors to much deeper discussions around cyber security, by some of the top leaders in the Air Force. General John Hyten, Commander of the Air Force Space Command, laid out the current cyber environment very succinctly: “We don’t do cyber, we operate in cyber… Cyber is a domain and our mission, is to protect that domain. To achieve that mission, we need to focus on information superiority”. Information Superiority – what a great description of what any organization operating in the cyber domain is trying to achieve. And this is as relevant for commercial markets, financial institutions and just about any business, as it is for our military and government.
Lt. Gen. William Bender, Chief, Information Dominance and Chief Information Officer, Office of the Secretary of the Air Force echoed these sentiments: “Trust is a key aspect of doing business in cyber.” Both of these knowledgeable and experienced leaders are saying similar things: Protecting and operating in the cyber environment requires trust and information superiority. Speaking in these terms, information superiority enables trust, both in the physical sense (Are you who you say you are?) and in the virtual sense (Can I trust your identity in a cyber environment?)
Richard Breakiron– General Manager at Ascolta, and fellow attendee at the Cyberspace Symposium broke down the challenge of trust in the virtual environment into 3 elements: Identity, Authentication, and Access Control.
- Identity – The first component of cyber trust is having an authoritative database of users, being able to associate the information in that database with the virtual identity of the user attempting to access your resources, and protecting that identity while it’s in movement via a PKI (Public Key Infrastructure)
- Authentication – Ensuring cyber trust requires multifactor authentication, using physical token, code or biometrics to validate users and granting access to resources
- Access Control – Lastly, validating who can access what information is the third piece to establishing and ensuring trust in the cyber domain. This is the “need to know” of cyber trust.
Understanding these pieces of cyber security, it’s clear that trust is built upon information superiority and information superiority relies on trust. If one piece of the cycle is compromised, the entire process breaks down. ViON’s DataAdapt Cyber Secure Solution mitigates the risk of such a break down by extracting useable information from multiple internal and external data sources and discovering actionable insights and gaining real-time security intelligence, while analyzing and monitoring external threats.
We enjoyed meeting meeting everyone that braved the snow and came by our booth last week at the Cyberspace Symposium. And if you happen to be going AFCEA West in San Diego next week, stop by the ViON booth (#1831) – We would love to talk about how we can help you achieve information superiority for your cyber environment – we promise no snow.
If can’t make it by our booth, check out our eBook – eBook: Driving Decision-Making, Security & Insight with Big Data to learn more and get started with Big Data and Cyber Security.