Valuable assets? High stakes? Motivated adversaries? Difficult attribution? Package delivery, armored cars, and information security have quite a lot in common.
Logistics and armored transport are all about safeguarding physical valuables traversing an unsafe landscape at massive scale, and the industry continually evolves its protections based on real life experiences. This likely sounds familiar to information security professionals, as the challenges in logistics, are not that different from what we face.
Chris Ensey and I didn’t start our research looking at logistics as a model. Years ago, we started looking at alternative models for data security. Specifically, we originally were looking at innovative ways to leverage the knowledge in data encryption and key management systems. As we looked further, we realized how data is used (and misused) presented parallels to the logistics world. Chris took it to another level — he’s now COO of Dunbar Cybersecurity! We’ve continued to collaborate to think about ways to drive information security improvements.
So why logistics? Armored cars are cool! In all seriousness, logistics requires continuous data collection across a distributed network of vehicles, distribution centers, and affiliates supported by complex processes to continuously monitor and ensure delivery. Logistics relies on least privilege and zero trust relationships. Each step of the lifecycle can be logged and verified. The business pressures have driven immense efficiencies. (I find UPS’ research into longer routes without left turns fascinating!)
Our InfoSec World 2017 session, “Secure Data Logistics: How Information Security Can Learn from Armored Cars,” looks at how we can view the future of IT security and data protection based on these logistics industry practices. Adversaries are interested in one thing—information they value. So, why are we filtering packet captures, chasing false positives, and hoping that our data stays secure?
Traditional security methods place too much value on the system and network, not the data itself. We need to reduce the degrees of separation and move our analysis and controls closer to the information we are protecting. Data equates to a valuable package and secure data logistics ensures the safety of that data throughout its lifecycle. There are already solutions, including blockchain and SIEM, leveraging certain principles.
We look forward to seeing you in our session to discuss the future of IT security and how logistics methods can be applied to better understand and manage security risks to sensitive data through secure data logistics.
Click here for more information on our InfoSec World Conference & Expo in Orlando.