Engineering Can Make Your Systems More Secure and "Stealthy"

In Bruce Schneier's recent blog post entitled "The Proliferation of Zero-days," he references the MIT Technology Review, which describes 2021 as a "blockbuster year" for zero-day exploits. In addition to the rapid global proliferation of hacking tools, the explosive growth of zero-day exploits is largely due to the increasing complexity of the systems we depend on, from power plants to pacemakers. It is a target-rich environment for today's adversaries across the spectrum from nation-states to lone hackers. That is the bad news.

And now for the good news.

There are well-established and proven approaches available to help mitigate the zero-day exploit problem, and most important, these approaches are based on over four decades of scientific and engineering principles. We do not have to be overwhelmed by the enormity or the complexity of the problem. We just need to get down to business.

Let's start with our most critical systems (i.e., systems that are part of the critical infrastructure or where lives are at risk) and begin the process of reengineering those systems using the principles for trustworthy secure design described in NIST SP 800-160, Volume 1. Principled engineering cannot eliminate every zero-day vulnerability, but it can dramatically reduce such vulnerabilities, the overall susceptibility of organizations to destructive cyber-attacks, and the losses associated with those attacks.

As my long-time friend and colleague Sami Saydjari said so eloquently in his book "Engineering Trustworthy Systems": avoid creating high-value targets for the adversary. If a successful attack on a high-value target can produce a large benefit (i.e., a substantial ROI) for an adversary, the adversary will invest resources and focus beyond our ability to defend against it.

Therefore, as we reengineer our critical systems for greater trustworthiness, we can also reduce the "value" of targets for the adversary by employing those same principles for trustworthy secure design, including reduced complexity, domain separation (segmentation), redundancy, least persistence, minimum detectability, and diversity (dynamicity), to reduce the "footprint" of the system and make it more "stealthy."

We are on track to complete the initial draft of a major update to SP 800-160, Volume 1 in late Fall 2021. Until then, take a look at the current body of work on the NIST Systems Security Engineering web site.

Creating an "engineering vision" for the future is the first step toward building systems that are more defensible, survivable, and cyber resilient to help protect the things we value most.

A special note of thanks to Mark Winstead, long-time cybersecurity and SSE colleague, who graciously reviewed and provided sage advice for this article.

Michael Goode

Founder and Chief Executive Officer at Goode Cyber Security | Cyber Defense Architect | Cybersecurity Consulting | vCISO | Compliance Consulting | U.S. Air Force Veteran

3 years ago

Thanks for sharing
John Janek

Chief Technologist | ex-diplomat | complex problem-solver | systems thinker

3 years ago

I'm always reminded of Bill Hunt's post on complexity in moments like this. It's actually focused on the magic of hype, but there's a buried nugget of gold in there as he compares 90's web versus 10's web. https://krusynth.medium.com/the-hype-market-6020150ecee9 Complexity is rarely our friend, and the only way to reduce complexity is by enforcing transparency, observability, and design practice. This doesn't mean running back to monolithic design; it's a fundamentally different end state. But it does mean that the efforts to establish good working baselines and design practice, as well as establish those core values around transparency and observability, are probably the single biggest security factors going forward. Chris H. Jim Wiggins