Cybersecurity Innovation- We live in a world where it appears to be a matter of when, not if, an enterprise is breached. Billions of dollars have been spent on beefing up cybersecurity, but the bad guys keep winning. Securing even a small organization seems quite hard.
How did we get here? Is there hope?
The computer industry has had to fight against evolving sophistication in threats throughout its history. I have been working in cybersecurity since the early ’90s, beginning in college when cybersecurity and the internet were still in their infancy, and in 2015 I started a third-generation cybersecurity company where I currently serve as CEO. We can point to two historical shifts in cybersecurity market conditions that led to a step up in the complexity and scope of attacks and consequently fueled fantastic innovations. With both innovative waves, there were early adopters and laggards — with consequences for who got breached. We are right in the middle of a third major transition in cybersecurity, and by understanding the changes happening, you can be better prepared to protect your organization.
The Early Days (Through 2005)
Up until 1995, the internet was quite small and most of the valuable information online consisted of research papers. Computer threats were typically in the form of hackers trying to gain access to U.S. military computers, often by targeting university research programs linked to the government (e.g., the case chronicled in The Cuckoo’s Egg).
In 1988, a Cornell graduate student named Robert Morris created a computer worm that shut down most of the internet. This spurred the creation of the firewall as a mechanism to restrict outside access to internal network resources and led to the establishment of the CERT/CC at Carnegie Mellon University as a central point for coordinating responses to these types of emergencies.
As the IBM PC gained popularity, computer viruses, which spread over infected floppy disks, became an issue. Anti-virus software was invented to scan executable files and the boot sectors of floppy disks and hard drives for patterns of code and data (“signatures”) that were known to be malicious.