Aaron Hand is the managing editor for Control Design and Industrial Networking. Email him at [email protected] or check out his Google+ profile.After hearing Shawn Henry, president of CrowdStrike Services, give dire warnings about the rampant threats to network infrastructures and the data they hold, IBM's Michael Valocchi wondered aloud whether perhaps we should just keep all that big data to ourselves.
Henry and Valocchi both spoke as part of the Wednesday morning keynote session at ABB Automation & Power World this week in Orlando, Fla. Henry, who spoke about cybersecurity dangers, knows what he's talking about. He's a retired executive assistant director at the FBI who oversaw computer crime investigations around the world.
"The DNA of all of your companies resides on the Internet. And it's incredibly valuable," Henry said, noting the value of intellectual property, R&D, corporate strategies and more. "There's an increasing push to move it all to the network. But it's all riding on an inherently insecure infrastructure."
That infrastructure, Henry insisted, is only getting larger and less protected. "Imagine trying to protect a building with 100,000 doors," he said. "There are too many vulnerabilities right now."
It's an incredible challenge for which there is no short-term answer, Henry said. To make a better run on the problem, however, the focus needs to change. "We've been focused on how to reduce our vulnerabilities," Henry pointed out. "We need to focus on who our adversaries are."
Those adversaries take three main shapes: organized criminal groups, largely centered in Eastern Europe, that are focused on monetary gain by attacking major corporations; terrorist organizations, which are an increasing threat, particularly to infrastructure; and foreign intelligence services, groups operating on behalf of governments that steal data for economic gain, military gain or some other advantage.
And while the public might run screaming from the threat that a physical bomb presents, people have a harder time understanding and grasping the very real threat of having an unwelcome visitor in their network. "In many cases, the adversary has been in that network for months or even years, and has gone undetected," Henry said, noting such adversaries as trusted insiders, disgruntled employees or people setting up wireless hotspots, just waiting to intercept vital information.
"We often think of the vulnerability of data; you want to maintain some level of confidentiality," Henry said. "But with the depth and breadth of access that adversaries have right now, they can change the data or completely destroy it."