“May you live in interesting times” is a proverb that has resonated in my life over the last four decades as both a curse and blessing.
No small part of that valuation is attributable to the pace at which technology innovations have been advanced and now contribute to the quality and challenges of the lives we lead. Those advances came at a cost, none more notable than the degradation of the boundaries that traditionally defined our world and around which we constructed and imputed meaning to the environments churning around us. The associated porosity that attended that degradation has been exacerbated by the rise of the Internet of Things (IoT), in which our adversaries have discovered new and almost innumerable attack vectors through which to strike at our interests.
Our response to those attacks always aspired to be proactively preventative, but more times than not found itself stymied in the world of the reactive. Rather than being a guardrail at the top of the cliff, we found ourselves serving as an ambulance at the bottom. The associated costs of those efforts were not inconsequential and over time exacted such a toll on our businesses that we came to be perceived as a distasteful cost of doing business, reflected in complex structures often characterized as “defense in depth.” Those of us who sold into these structures appreciated them for what they really were: “expense in depth,” made necessary by a failure of signature-based anti-virus solutions deployed high in the kill chain.
With the rise of machine-learning-supported artificial intelligence (AI), deployed in the form of revolutionary endpoint protection and delivered at a price point that could achieve compliance while challenging old paradigms of defense, we saw the perception of our industry morph into that of being appreciated now as an indispensable and inextricable aspect of advancing the business. It’s that journey, that metamorphosis and its implications, that a good portion of my columns have explored over these last four years.
Our sense of being stuck in a never-ending cycle of whack-a-mole, reminiscent of the movie Groundhog Day, has potentially come to an end, including those unnecessary yet persistent instances of ransomware that claim the headlines of our day — if only more of us would step up and embrace the validated prowess of these new solutions. Too often those actions are interpreted as a foray down a “road less traveled.” In my career, taking that risk has been richly and consistently rewarded.
Even in the face of such strides, we know our adversaries will not stand by as we take the battle to them — too much money is at stake to acquiesce. They will continue to innovate. If we fail to sustain our cadence by taking steps like embracing structures of converged physical and cybersecurity operations, nation-states will strike at the gaps. Sustaining that effort has at times been sobering, particularly when punctuated by the realization that “no success at work will compensate for failure in our homes” — another proverb; that we can’t cut our way to profitability; and that we must, notwithstanding a persistent insider threat, trust and support our warfighters.
And after all we can do, our efforts will be for naught if we allow self-deception to creep in and undermine all that we might have otherwise achieved. Too much is at stake to allow that to happen. Thanks for your companionship on the journey. Best wishes to you on the road ahead.