A strange way to start an article, with a quick precis on history, but bear with me and all will be revealed…
What does history tell us?
Genghis Khan, who lived from 1162 to 18 August 1227
He united the nomadic tribes of Northeast Asia, founding the ‘Mongol’ empire, and was proclaimed “Genghis Khan”. He conquered most of Eurasia and was a feared leader, portrayed in life and on celluloid to this date.
The “Roman Empire” commenced in the 6th century BC and lasted through to 1453, when Mehmed II conquered Constantinople. It stretched from the Mediterranean Sea in Europe, throughout Europe, Africa and Asia. Many a film has portrayed them as either good or bad, though I think the latter is appropriate.
Adolf Hitler, in actual fact, was “Jewish” (by all accounts!!), a corporal in the army in WW 1, rising to be a tyrannical leader in WW 2. He claimed the lands of Europe, as far north as Norway, as far down as North Africa and east as far as the gates of Stalingrad; the horrors are known facts.
Lasted until the fall of the Berlin Wall, Eastern Germany was the penultimate border. It penetrated from Russia en route to Berlin, going north and south. With the revolution of 1989 came its demise, and common sense prevailed.
Now in the 21st century, cyber crime has no borders; it’s “Global” thanks to the Internet and reflects how the world has shrunk. Spyware, Malware, Ransomware, Tupperware (well, maybe not the latter!!): the first three are a bane to life on the Internet, to email and to all users.
Accept these two facts: ‘life is a continuum’ and there is no such thing as ‘100% secure’. Though may I proffer, ‘Good always overcomes bad’.
The online underworld now has its own currency, the “Bitcoin”, though Australia is branching into this currency; hard to believe or what!
The Internet does have a dark side (the Dark web, sometimes called deep web), where the cyber criminal lurks, be it for ‘big’ bucks or preying on the unprepared. Cyber crime and counter intelligence techniques are now an industry in their own right.
Academia about the status quo in the computer security arena, or future predictions from a myriad of ‘specialists’, flood our inboxes at an alarming rate with emails; be it in January or bi-annually (they must only pay these twice a year), we get them anyway.
Technology is making the human lazy – switching lights on before we reach home! The Internet of Things (how lazy is this?), and so the story spirals out of control…
So what critical computer security changes have occurred in the last 10 years?
We’ll go about it without wasting time! These are the occurrences over the last 10 years for me, so it’s not an article I’ve regurgitated:
- Information security started off as BS7799 and has become an international standard, now a family of standards under the ISO 27000 banner, in excess of 30 at the last count.
- IDS has evolved into IDS/IPS, so not only does it ‘detect’, but now it also ‘protects’, an evolvement in its own right. The IDS/IPS is a critical tool for any network engineer and business alike.
- PCI/DSS for the payment card industry has become the intrinsic standard for all businesses that take credit card payments to adhere to stringently. Likewise, failure to comply results in hefty fines.
- Penetration testing has undergone fundamental changes, to align with the evolvement of technology. This process protects the business, with ownership from top down, so executives see where vulnerabilities persist.
- The evolvement of logging on to one’s computer. It’s not just a simple password, but a more complex process. In industry, biometrics, either fingerprints or retina scanning, are part of today’s society.
- Cyber security has at long last started to make its mark, driven by governments and with the involvement of ISACA, in order that industry takes ownership too. This will address the critical shortage of skilled and qualified persons.
- Education of information security staff has progressed from CompTIA Security+. We now see evolvement of the CISM, CISA and CISSP, the British Computer Society (BCS) Certificate in Information Security Management Principles (CISMP) and EXIN Information Security training.
- Technology in itself has matured in leaps and bounds. The Apple iPad, for example, brought about new challenges to Microsoft by its size, weight and portability of hardware. The customer prevails; expectations are high and will continue.
- On the other side of the coin, the cyber criminal has evolved into a professional (albeit from the dark side). They have the technology, intelligence gathering techniques and skills. Such is the nature of the threat, they are one step ahead.
- BCS have set the ‘Skills Framework for the Information Age’, which has 7 levels of competency and is supported worldwide, by governments and throughout businesses alike. These, with the aforementioned, will harness the strength in the cyber war.
I’m not an academic, otherwise I would have a degree, nor am I a technician. I have, however, been working in IT, and later information security, for over 40 years.
What’s topical today is tomorrow’s history. And why? Because we have learnt something, and this is the key to the continuum.
What motivated me to take this stance was the closing words of an article by Roger A Grimes on InfoWorld. His closing words were, ‘The only question I have: When will it happen? If I’m lucky enough to be writing for InfoWorld 10 years from now, will I be writing more about the successes or the failures?’
I know I detracted from my initial mission, which Ali Qamar (sorry Ali) set me, accepting that life is cyclic and we therefore live in a continuum. The failures of those in the history precis are well documented, and as much as the ‘10 changes in computer security’ will evolve, they’re ‘topical today, but tomorrow’s history’. Though I proffer that cyber crime will desist.
Food for thought …