One of the biggest buzzwords there has been (and still continues to be?) is “Trust”. This is a word we hear often, both in our professional and personal lives. But no matter what venue you hear it in, have you ever stopped to think about what trust really means? Well, as it relates to Cyber, here is a definition of it:
“At the heart of trust in information security is authentication, the process of verifying the identity of a user, device, or system. Authentication methods can include something a user knows, something a user has, or something a user is.”
So really, it is all about making sure that the individual who wants to get access to your shared resources is actually who they are claiming to be. There are many ways to do this, ranging from the ever so famous password to challenge/response questions, to the RSA token, to the One Time Password (OTP), and even down to Biometrics.
Given the advent of Generative AI and how it can be used to create fakes that are extremely hard to tell apart from the real thing, businesses are opting to use multiple layers of identification.
This is known as “Multifactor Authentication”, or “MFA” for short. Essentially, you are using three or more layers of authentication. But, in order to make this robust, all of the authentication mechanisms must be of a different nature. For example, using a password along with an RSA token and something like Fingerprint Recognition, in quick succession.
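
As an added illustration (not code from the original post), the sketch below checks that a login attempt's factors are of a different nature rather than merely numerous. The mapping of the mechanisms named above to the "knows / has / is" categories, the `Factor` type and the `evaluate_mfa` function are assumptions made for this example; the default of three categories follows the post's description.

```python
from dataclasses import dataclass

# Mechanisms named in the post, mapped to the three categories from the
# quoted definition (something a user knows / has / is).
# This mapping is an assumption made for the example.
FACTOR_CATEGORY = {
    "password": "knows",
    "challenge_response": "knows",
    "rsa_token": "has",
    "otp": "has",
    "fingerprint": "is",
}

@dataclass(frozen=True)
class Factor:
    mechanism: str   # key into FACTOR_CATEGORY
    verified: bool   # outcome of that mechanism's own check

def evaluate_mfa(factors, required_categories=3):
    """Return (granted, reason). Counts distinct categories, not mechanisms."""
    seen = {}
    for f in factors:
        category = FACTOR_CATEGORY.get(f.mechanism)
        if category is None:
            # Fail closed on anything the policy does not recognise.
            return False, f"unknown mechanism: {f.mechanism}"
        if not f.verified:
            return False, f"failed factor: {f.mechanism}"
        seen.setdefault(category, f.mechanism)
    if len(seen) < required_categories:
        missing = sorted(set(FACTOR_CATEGORY.values()) - set(seen))
        return False, "missing categories: " + ", ".join(missing)
    return True, "ok"

# Constructed sample attempts: three mechanisms each, but only the second
# spans three different categories.
SAME_NATURE = [Factor("password", True), Factor("challenge_response", True),
               Factor("otp", True)]
DIFFERENT_NATURE = [Factor("password", True), Factor("rsa_token", True),
                    Factor("fingerprint", True)]

if __name__ == "__main__":
    print(evaluate_mfa(SAME_NATURE))
    print(evaluate_mfa(DIFFERENT_NATURE))
```
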
But now, there is a new term that is being bandied about in the world of Cyber, and this is called the “Trust Anchor”. What is it, you may be asking? Here is a definition of it:
“Trust anchors serve as authoritative data sources that provide verifiable and accurate identity information.”
(SOURCE: https://www.darkreading.com/cybersecurity-operations/trust-anchors-in-modern-it-security)
So the key here is a source, deemed to be reputable, that you can use to confirm the identity of an individual. These entities can be both human and non-human. For instance, it can be a passport, a state ID card, or even an outside third party that you deem to be honest. These can include the credit reporting agencies, and even background check companies.
Using a “Trusted Source” does have some key advantages and disadvantages. Here is a sampling of them:
The Advantages:
• It can statistically reduce the chances of fraudulent activity happening down the road. This is especially useful for cross-referencing any information and data that you have on a particular individual.
• It can help to make sure that whatever information you use in your company actually comes from a reputable source. The prime example of this is once again Generative AI. As I have written about in the past, a good model needs tons of data in order to keep it robust. It’s like all of the fluids that go into your car, from the gas to the oil to the brake stuff. All of this needs to be filled up by a “Trusted Source”, such as a mechanic that you know can do the job well. For the Generative AI model, you also need to make sure that the datasets you collect to feed it come from a very reputable source. If not, not only will your results (the outputs) be highly skewed, but if you are using this model to drive parts of your business, it can even create horribly wrong outputs that will only tarnish your brand reputation.
The Disadvantages:
• The privacy that is involved. Even if you collect datasets from a “Trusted Source” that you find to be highly reliable, you will be ultimately responsible for safekeeping them. Meaning, you need to make sure that you have the right controls in place in order to mitigate the risk of any kind of Data Exfiltration Attack happening.
• Although it may sound like an oxymoron, you actually have to trust the “Trusted Sources” themselves. For instance, if you are using a state ID to confirm the identity of an individual, you have to make sure that it is genuinely authentic, not a fake one. Also, if you decide to use a third party to provide you with “Trusted Data”, you need to make sure that you trust them first. This can of course take time to develop, but as a rule of thumb, the best place to get started on this is to have an exhaustive vetting process in place before you select one.
My Thoughts On This:
Another strategic benefit of using a “Trusted Source” is that it can also help create a baseline from which to follow. For example, you may procure your network security tools from a vendor that you inherently trust.
As a result, you will also trust the log files that they output. And from here, you can then create a baseline to determine what is actually deemed to be normal network activity. Of course, anything outside of this should be deemed an abnormal pattern of activity.
In a way, the above example is like building a “Chain Of Trust”. The term “Trust” will always be around in Cybersecurity, but the important thing to remember is that you do not get caught up in all of the technojargon that is out there.
As long as you have faith in whatever “Trusted Source(s)” you make use of, that is all you have to be worried about.