Oct 3, 2019
All links and images from this episode can be found at CISO
Series (https://cisoseries.com/defense-in-depth-securing-the-new-internet/)
If you could re-invent the entire Internet, starting all over
again with security in mind, what would you do?
Check out this post for the discussion that is the basis of our
conversation on this week’s episode co-hosted by me, David
Spark (@dspark), the
creator of CISO
Series and Allan
Alford (@AllanAlfordinTX). Our
guest for this episode, Davi Ottenhimer
(@daviottenheimer), who
happens to be working on this project with Tim Berners-Lee at
Inrupt to create a new Internet
and secure it.
Thanks to this week’s podcast sponsor,
Castle.
Castle is helping businesses keep customers’ online accounts
safe from targeted account takeovers, automated credential
stuffing, and risky user transactions. Castle’s user-centric
approach to account security allows organizations to fully automate
threat response and account recovery in real-time with risk-based
authentication, granular access policies, and custom workflows.
Learn more at www.castle.io
On this episode of Defense in Depth, you'll
learn:
- Much of the advice on how to secure the Internet focused on
just improving known protocols such as SMTP, IPv6, and TCP/IP. Is
that limited thinking or not?
- Creating a new Internet has a lot of political and
socioeconomic issues connected to it so you have to consider both
relative (changing existing protocols) or absolute updates
(reinventing and trashing existing protocols).
- One suggestion was dynamic port assignments which was an
interesting tip, but it runs into the issue that at some point
someone needs to know where you're communicating.
- Future of identity is that it's not controlled by one entity.
But the solution is not blockchain. That's essentially a
spreadsheet of information and banking on a spreadsheet or
blockchain would not be wise.
- Another suggestion would be to create a data-centric approach
to the Internet, but this would put a massive load on the
endpoints.
- One core philosophy of securing the new Internet is creating a
system where each individual can own their own data, put rights on
it to others to use it, rather than being beholden to the rights
others give us to manage our own data.
- Our favorite suggestion was about looking to biomimicry and our
millions of years of evolution to help us build an Internet that
could learn to evolve on its own. The issue is that history has
given us tectonic shifts that come all at once and don't
necessarily evolve gradually. Could a security system be built to
adapt in that manner?
Creative Commons photo attribution to
Joybot.