
In this age of digitalization, data theft and attacks regularly make headlines. The stakes are as real as awareness is widespread, including among the general public, and for companies, crossing their fingers is not enough. If data is everywhere, security must be as well.

Opinion piece by Sylvain Guilley, CTO of Secure-IC and Senior Editor at ISO

Data, in every state

De-perimeterization: the neologism has been coined, as barbaric as it is abysmal. It denotes a decompartmentalization of the information system: without a precise perimeter, data can be created, captured, processed, modified and stored anywhere, at any time. De-perimeterization therefore opens up a gigantic world of possibilities, helped by rich data (structured, unstructured, multimedia…) that is polymorphous and comes from multiple sources, with exponential growth accelerated by connected objects, from the smallest network sensor to the smart, connected car.

However, behind this apparent “nebula” of data, physical media remain (including wireless media, because although they use the principle of radio waves, which are immaterial, they remain physical media). In this context, just like matter, it is possible to characterize data according to three states: data at rest (solid state) on storage disks, data in transit (liquid state) on networks, and data in processing (gas state) on servers.

This pedagogical analogy helps in understanding the link between data, its physical media in each state, and the security that must follow from it, over the whole life cycle of the data.

Secure the data, including during its processing

Recognized as a true corporate asset for a long time, data benefits from special attention in terms of its protection. In terms of storage, its confidentiality and integrity are most often ensured by access controls (physical and logical), encryption and other partitioning mechanisms between disks, virtual machines, processes, etc.

In the same way, protocol security (IPsec on IP, TLS on HTTP, WPA2 or WPA3 on Wi-Fi, etc.) ensures the protection of data while it is in transit. Particular attention is paid to wireless networks, as it is easy to “eavesdrop” on unprotected flows.

When it is being processed, data is also particularly vulnerable. Its protection is all the harder to grasp in this context because it also involves the programs in charge of its processing. The risk is that a malicious modification of the program could lead to an action that is not the expected one; for example, a vehicle that does not slow down when it should (or the opposite). Therefore, the integrity of the program, its configuration and its intelligence (AI) must be preserved to ensure the security of the data.

IoT security, the first line of defense

With the multiplication of digital devices and the connectivity brought to objects that were not previously connected, such as vehicles, refrigerators, and even production lines, data is now everywhere: it is even around these objects that data is often captured and digitized, and sometimes restored.

Outside the information system by definition, connected objects also represent a colossal attack surface, with as many potential entry points to the organization’s data. They are therefore the first elements to be secured in order to limit the risks of malicious intent, particularly in sectors that are strategic, that affect human health, or that carry particularly high economic stakes.

This is obviously the case for the automotive industry, the medical industry (for connected health), the major networks and operations of Critical Infrastructures (water, electricity, telecommunications, military/defense), and all major industries whose production stoppages are economically dramatic.

For all these activities in particular, but also for the entire economy, only an integrated and homogeneous level of end-to-end security from connected objects to the depths of the cloud will ensure the security of a world where data is everywhere.

The challenge today is to design unified security with coordinated policies (locking, maintenance, reaction in case of attacks) and correlated technologies, in order to obtain homogeneous levels of assurance, whatever the state of the data (solid/liquid/gas).

Security must also benefit from better orchestration, given the current highly fragmented security value chain and the absence of a player in charge of the specific business of security operator, who would supervise this value chain and assume its liability.

Finally, and in a context of sovereignty, technologies enabling systemic security management must emerge. The context is favorable (EU Cyber act) and the strategic vision is now understood by the ecosystem. It is up to us to act!

 
