Data on a leash
- 1. 9/16/16, 1:09 PMData on a leash Page 1 of 5http://fedscoop.com/data-on-a-leash September 16, 2016 Data on a leash Commentary: If we can use digital tethers to track goods, pets and people, why can't we do the same with data? BIO By JR Reagan OCTOBER 15, 2015 2:00 AM Our data could have digital tethers — similar to what falconers use to train their birds, JR Reagan says. (iStockphoto) Lock the virtual door and encrypt the key: That’s been cybersecurity’s chief modus operandi to date. But as law enforcers know, no lock CYBERSECURITY So, you've assumed compromise. Now what? CYBERSECURITY NSA: no zero days were used in any high profile breaches over last 24 months HOUSE OF REPRESENTATIVES Election systems safe from cyberattacks, experts believe PRIVACY White House calls for updated senior agency privacy positions RELATED ARTICLES NEWS EVENTS TV RADIO PEOPLE SUBSCRIBE CHANGE SCOOP !" SUBSCRIBE CONNECT WITH US
- 2. 9/16/16, 1:09 PMData on a leash Page 2 of 5http://fedscoop.com/data-on-a-leash ever invented has been completely secure. From padlocks to passcodes, each new method of protecting our valuables only serves as a challenge to those determined to steal from us. As breaches proliferate — a record high number in 2014, and it's expected to increase even more in 2015, according to digital security company Gemalto's report “2014: Year of Record Breaches and Identity Theft” — cybersecurity professionals are trying new approaches to protecting data: adding layer upon layer of controls, for instance, like barring entry to a high-security building with multiple doors; and segmenting data to mitigate losses should a breach occur. But what if we could tie security to the information itself, keeping it in our control at all times? Right now, when cybercriminals gain access to our data, it belongs to them for good. Tracking it is an uncertain art; retrieving it is impossible. Without our permission or even our knowledge, the hackers can use our information to make purchases, withdraw cash from our bank accounts, profit from our trade secrets and more. If sold on the “darknet,” our stolen data might be seen and used, unauthorized, all over the world. But what if we could find out instantly where our data goes, prevent it from being forwarded, and even call it back to us, as though we held it on a leash? One of the most popular sports in ancient and medieval times was falconry, using birds of prey to hunt. To tether the birds during training and between flights, falconers tie “jesses,” or leather restraints, to their legs. Once released, any birds that don’t return can be tracked via bells or, today, radio transmitters. Think of the possibilities if we could do the same with our data, keeping it close to us by means of digital tethers and, should it fly or be spirited away, tracking and retrieving it with ease. We already have the means to track goods, pets and people — why not information, as well? A digital trail One of the most popular “tracking” tools, GPS, helps us find our phones, keys, pets, destinations and more. Police use it, too, to catch Cybersecurity Insights & Perspectives Invincea's Anup Ghosh on using machine learning to improve cybersecurity detection capabilities Cybersecurity Insights & Perspectives Veracode's Chris Wysopal talks about the impact of '90s hacker think tank Content from Sponsors DHS' Vincent Sritapan on federal IT modernization September 20, 2016 Leveraging Your Workforce in the New Communications Era September 28, 2016 Privileged User & Insider Threat Federal 2016 Ponemon Survey Findings October 05, 2016 VIEW ALL TV/RADIO EVENTS
- 3. 9/16/16, 1:09 PMData on a leash Page 3 of 5http://fedscoop.com/data-on-a-leash thieves, such as robbers stealing oxycodone. In New York City, a drug store heist may include a “decoy” bottle or two equipped with GPS sensors that lead law enforcement to the thieves. How could we track our data in like manner, using GPS-like technology to lead us directly to the thieves who took it, and even mapping its precise location? Surely such a system would help capture cybercriminals, who are, at present, notoriously difficult to identify. In fact, data-tracking technology is already here. Digital watermarking, used primarily for copyright protection and identity authentication, is being touted by some as the next big thing in information security. In one data-tracking experiment, watermarking code was added to a spreadsheet containing a phony list of names and personal identifying information. When thieves opened the spreadsheet, the code sent an alert to the list’s originators, telling them who downloaded the information, and identifying the device and its location. For our eyes only Of course, tracking alone is not always enough to keep our information from being used or sold, especially if the thieves are working beyond our country’s jurisdictional boundaries. But digital watermarking also may prevent unauthorized manipulation of data, a growing concern, and enable remote “wiping” of devices containing the stolen information. Some question the legal implications of destroying all data on a device that someone else owns — a legitimate concern. But today’s data-tracking ventures offer exciting possibilities for cybersecurity’s future. What if, a la James Bond, we could cause sensitive data to self- destruct during an unauthorized attempt to open it? Could we program our files so that, after a certain number of failed attempts at authentication and/or access, they vanished from a device, ”exploded” into meaningless gibberish, or, like a homing pigeon, flew back from whence they came? We are only steps away, it seems, from the ability to leash our data, putting cybercriminals in a virtual bind, as well. When our valuables and loved ones are threatened, we tend to draw October 05, 2016 What Hackers Reveal About IT Vulnerabilities VIEW ALL
- 4. 9/16/16, 1:09 PMData on a leash Page 4 of 5http://fedscoop.com/data-on-a-leash -Explore Stories in Tech- NEWS > TECH -In this Story- Tech, Cybersecurity, Commentary Stay alert to all the latest government IT news. SIGN UP TODAY them close, to protect them from harm. Now that our data has become essential to our lives and business, what if we could do the same against the rising threat of cybertheft? Locks are a necessary first deterrent, but when they fail, chains might be in order — the virtual kind, tying our data to our devices inextricably, and giving us unprecedented control. JR Reagan is the global chief information security officer of Deloitte. He also serves as professional faculty at Johns Hopkins, Cornell and Columbia universities. Follow him @IdeaXplorer. Read more from JR Reagan. JOIN THE CONVERSATION So, you've assumed compromise. Now what? NSA: no zero days were used in any high profile breaches over last 24 months Election systems safe from cyberattacks, experts believe
- 5. 9/16/16, 1:09 PMData on a leash Page 5 of 5http://fedscoop.com/data-on-a-leash 0 Comments FedScoop SherryJones! Share⤤ Sort by Best Start the discussion… Be the first to comment. Subscribe✉ Add Disqus to your site Add Disqus Addd Privacy% Recommend♥ ABOUT / CONTACT LEADERSHIP TEAM EDITORIAL TEAM CONTRIBUTE CAREERS # $ % & ' + ) BACK TO TOPCOPYRIGHT 2008-2016 FEDSCOOP. ALL RIGHTS RESERVED. ∠