Expert Voices

Why We Must Build an 'Immune System' to Ward Off Cyber Threats (Op-Ed)

Cybersecurity
(Image credit: ra2studio | Shutterstock)

Nicole Eagan is the CEO of Darktrace, a cyber threat defense company that uses technology to detect previously unidentified threats in real time, powered by machine learning and mathematics developed at the University of Cambridge. This op-ed is part of a series provided by the World Economic Forum Technology Pioneers, class of 2015. Eagan contributed this article to Live Science's Expert Voices: Op-Ed & Insights.

People work best when they talk to each other. So do information systems and modern infrastructures. Today, companies, organizations and governments are hyper connected: They rely on, and thrive on, a web of information that has been made mobile and flexible by the power of the Internet. We depend on the mobility of the data almost as much as on the information itself, together with the ability to share it across geographies and time zones. 

Computer networks have evolved with those needs, becoming more complex and porous. There are multiple ways in and out of networks, enabling users to connect remotely from anywhere in the world and share information quickly with thousands of people at a time. All of this is critical to an efficient business environment. The security that defends those networks, however, has not evolved at the same speed. A new approach is required; one that has adapted to the interconnected world — where security cannot be guaranteed. The landscape is constantly shifting, and threats must be dealt with as they occur. 

A wall doesn't work

As developers progressively build these high-tech systems, we have tended to view the computer network as a fortress that must guard against malicious intruders — if we build a high enough wall and buy a strong enough lock, we will be safe. This traditional approach is no longer sufficient to defend against today's fast-moving and intelligent attackers. Businesses and their information networks are not like medieval castles; they exist within a complex ecosystem of other networks and users, internal and external, and have multiple gateways to them. That is their brilliance and their strength. [The Truth Behind the 'Biggest Cyberattack in History' ]

If networks are compared to the human body, then cyberattacks can be compared to viruses. Our skin does a pretty good job as a protective, outer layer, but it cannot keep everything out. Viral DNA is clever; it knows how to mutate and evolve to ensure its own survival. But once inside the body, viruses encounter an equally clever immune system, which is constantly learning and can detect threats. Living in a sterile glass box is not an option for a functioning, social human being, and it is not an option for modern businesses, either. The body's self-defense mechanism is one of the great marvels of biology — and it's also incredibly pragmatic. We should use the human body as an example of how modern systems must adapt to defeat the threat. We know viruses are going to get in. The question is: How do we defeat them when they do?

"Secure" is no longer possible

The goal of trying to "secure" all information is unrealistic. In order to have a fighting chance, networks, just like bodies, must be defended through an understanding of and focus on the parts of the information infrastructure that are in jeopardy at any one time. To avoid recurring problems and combat new ones, we need to start implementing a cyber "immune system" that learns from its environment. 

As we continue to embrace all the benefits of the Internet, we need to move to a more uncertain world that focuses on behaviors within a network that allow us to distinguish normal behavior from abnormal behavior, both at the individual and group level. New technologies, such as our Darktrace Enterprise Immune System, work on probabilities and experience, rather than hard-and-fast rules and certainties. This model, which provides instant insight into unusual activity within a network, goes beyond just building higher and higher walls around data, and helps users understand all the unknowable, yet strange, things that are happening beneath the surface of busy organizations. 

If you're a topical expert — researcher, business leader, author or innovator — and would like to contribute an op-ed piece, email us here.

Adapting to the threat landscape

Companies must consider security not as a state of perfection to be achieved and maintained, but rather as an ongoing process of self-evaluation and informed actions, adapting to the threat landscape as it evolves. 

The threats that exist today to a company's reputation, financials and operations must be kept in constant check so that they can be stopped from spiraling out of control and into the headlines. To do this, it is critical to separate out the threats that we can live with from the ones that have the potential to inflict existential harm. So a real challenge at the heart of our imperative for good cybersecurity is one of discovery — of knowing, ahead of time, about the threats that you really care about. 

If Edward Snowden has shown us one thing, it's that there is no way you can stay safe from attack. A continuous approach to cybersecurity accepts that ongoing cyber threats are an inevitable part of doing business. The attackers are out there and more often than not, they are also "in there" — in your networks, in your laptops and even in your office buildings. Cybersecurity has become the primary priority for governments and corporations across the globe as this faceless threat intensifies. [Summer Camp Trades Campfires for Cybersecurity (Op-Ed)]

However, by embracing new technologies that internalize defensive mechanisms, we can develop an immune system that will fight off the next major virus just as the body does, while interacting fully in modern life. 

Read more from the Technology Pioneers on their Live Science landing page. Follow all of the Expert Voices issues and debates — and become part of the discussion — on Facebook, Twitter and Google+. The views expressed are those of the author and do not necessarily reflect the views of the publisher. This version of the article was originally published on Live Science.

Darktrace