With any emerging technology, abuse is inevitable, and the Data Layer is becoming a target of modern attacks.
Being in the Information Age is more of a process than a single step. Every few years, society is propelled forward by changes in technology and behavior. For example, when the Internet started, it was static, read-only, simple websites providing simple information. As the Internet matured, it became more interactive, providing us with useful features like navigation, finance, and online profiles. All of these fantastic technologies require fuel, and that fuel is information. Information generated from data we as the users provide. All of this data is processed, and most is saved for later. Most services not only keep the information, but they also have some mechanism to access it.
We are in the midst of a data revolution, not only in our day to day use but also in the data's prevalence and availability. This is the same revolution that is driving our ever-increasing usage of machine learning and artificial intelligence. It is easier than ever to collect or harvest big data from multiple sources and build innovative new services around that information. Examples include instantly available weather conditions, to regional house prices, to everyone having an online presence. How do we incorporate this into the world of security?
A lot has gone into securing the digital world, computer security, cyber security and IT security. All are part of a larger picture. Computer security as a branch of science or the profession keeps increasing in complexity and has begun to branch into granular specialties. Since computer science is so fond of abstraction layers, that is one approach we can use to understand the specialties:
Network Layer Security - This layer would include using SSL or HTTPS and VPNs. It would also include the fun man-in-the-middle attack and distributed Denial-of-service attack, better known as DDoS.
Operating System (OS) Layer – Here we find access-control-lists (ACL), hierarchical protection domains, or protection rings. We also hear terms like privilege escalation and buffer overflows.
Physical Security Layer – There is a lot to say, but we are not going to talk about this too much, think about your security personnel and lock on your data center or office.
Social Layer - Considering social engineering is a necessary component of any security strategy. It works more often than you think.
Today, the exciting layer for us is the data layer. Its importance is becoming increasingly apparent and while simultaneously becoming less secure than ever. To explain what security in the data layer means, let us consider recent events involving Facebook and Cambridge Analytica. Facebook has world class engineers, state of the art technologies and is likely one of the most secure platforms in existence. So, what went wrong?
The difficulty is inherent in the data layer; that is the data itself. Once you serve a piece of data, it is out there; it can be copied, shared, sold or manipulated. No amount of SSL, encryption, protection against vulnerabilities, or even GDPR can protect this layer. For a product to work, it needs to send information out a secured system and into the wild world of the Internet.
The data layer is difficult to protect, and as such, dedicated teams are necessary to guard it. These teams need to monitor actual usage of systems, the types and natures of data requests, and where in the world data is going. They need to update stakeholders, as well as increase awareness in organizations while keeping day to day operations secure and safe from inevitable abuse. Abuse is unavoidable, and so are teams to defend against it.