platform designed by and for a tight circle of academics and engineers is rapidly expanded for global public use by billions of people, incredible challenges result, along with fundamental questions that should have been more effectively addressed.
For example, authentication. If this really catches on:
How will it be possible to authenticate who is who and what is what?
How can we validate the identity of users to dictate and restrict their access across this vast network?
How will we authenticate software to operating systems, operating systems to hardware, or software to software?
In a system structured around the principle of trust, what happens when nothing is trustworthy?
For example, maintenance. If this really catches on and spreads beyond the confines of high-level military and academic use cases:
Who will be the police, the doctors, the civil engineers, and the maintenance workers?
How will we be able to recruit, train, and consistently, methodically advance the skillsets of the workforce necessary to ensure proper functioning of this innovation?
How will we tier, organize, and classify this workforce—and what are the potential ramifications of a vast, hyperconnected system without sufficient human resources to protect and maintain it?
For example, protection. In this digital utopia of human connection:
Do we risk it becoming a digital dystopia—a collapsed information state that creates a vacuum for the most unscrupulous?
Could we be creating a model of extremely efficient contagion—a volatile potential chain reaction of fraud, grift, and vulnerability?
How will we be able to identify vulnerabilities and provide the necessary solutions to mitigate them?
How will we distribute those solutions, who will implement them, and how can we ensure that it is done correctly?
These unaddressed questions led to inherent vulnerabilities that are built into the DNA of Internet security. In turn, the vulnerabilities have led to repeated patterns of compromise, settling for some measure of security so as to achieve satisfactory performance. The result has been deep-seated weaknesses that have shaped the tangible paradigms of digital compromise. As we will see in the next three chapters, these fundamental structural flaws form the common denominators of nearly all attacks and create the most intractable challenges in the cybersecurity domain.
The greater, overarching trajectory of cybersecurity becomes clear when we analyze what happened when these deep-seated weaknesses proliferated across the global Internet.
If fixes are ignored or fumbled, will the liabilities remain contained within the confines of those who didn't make the suggested improvements?
Or, in a hyperconnected system, will one individual or organizational error create a foothold and safe haven from which to attack others?
Network operators need not be exquisitely insightful at guessing foreign threats or omnipresent in detecting network intrusions. As the chapters in Part II make clear, if they master the issues of authentication, patching, and user training, they can develop a cybersecurity strategy that will succeed.
Конец ознакомительного фрагмента.
Текст предоставлен ООО «ЛитРес».
Прочитайте эту книгу целиком, купив полную легальную версию на ЛитРес.
Безопасно оплатить книгу можно банковской картой Visa, MasterCard, Maestro, со счета мобильного телефона, с платежного терминала, в салоне МТС или Связной, через PayPal, WebMoney, Яндекс.Деньги, QIWI Кошелек, бонусными картами или другим удобным Вам способом.
