How Can Machines Protect Themselves from Cyberthreats?


The COVID-19 pandemic has highlighted how important our digital infrastructure and business are. It has also shown that the existing approaches to securing IT infrastructure have been unreliable. Firms are not yet free from breach attempts or cyberthreats. Cybercriminals and advanced persistent threat (APT) groups are always attempting to profit from the wreckage created by COVID-19, which has given rise to malicious cyber activities.

The situation is so dire that last month the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC) issued a joint alert titled “COVID-19 Exploited by Malicious Cyber Actors.”

In his keynote speech at the 2017 Institute for Critical Infrastructure Technology (ICIT) Winter Summit, General Michael Hayden said, “If you’re in the Department of Defense, your doctrine says land, sea, air, space, cyber. An entirely new domain of warfare, but fundamentally, an entirely new domain of human existence. That’s really disruptive.”

He further added that it’s essential that cyberthreats and the actors carrying them out be treated as invading armies and cyber-attacks be considered an act of war. “We self-organize and use business models to guide our self-organization,” General Hayden said. “We will have to rely on ourselves and the private sector in a way that we have not relied on ourselves for security.”

General Hayden’s comments are a call to action for the private sector to take the initiative and innovate quickly to secure the cyber domain. Machines protecting themselves is an area noteworthy for its innovative technologies for securing IT infrastructures and the networks that comprise them.

According to an article posted on CloudTech, one of the best ways to empower machines to protect themselves is to have a client that is an integral part of the operating system act as an intermediary that establishes a trusted identity for each client system on a network. The client is designed so that it can then authenticate every login attempt and request for resources by verifying each login through a reliable security management platform such as Active Directory (AD). AD acts as the authoritative identity service in the organization that manages user accounts. One such example is Centrify, which has devised an enterprise-ready approach for machines to protect themselves across infrastructure and network configurations.

These self-defending machines hold the key to addressing the paradigm shift happening in cybersecurity today, where protection cannot be enforced at the network boundary. In the past, trusted networks were outlined by administrators using network protection tools such as VLANs, firewalls and VPNs to protect a group of machines on that network. With self-defending machines, it’s possible to implement a true Zero Trust architecture more fully where the system cannot be trusted.

In addition to the above, the National Institute of Standards and Technology (NIST) has defined Zero Trust architecture as a set of guiding principles that firms can use to improve their security posture. They must continuously audit their existing cybersecurity defenses in accordance with the Tenets of Zero Trust. This is necessary to ensure improvement in their security disposition. The NIST standard stresses the significance of having a robust security architecture. For example, defenses that protect assets need to be as close to the asset as possible, much like in a war. In this new era of cyberwarfare, soldiers will need their body armor and tools to defend against an adversary. Similarly, it is crucial to arm each server with suitable defenses to shield it against cyberthreats.