Keep the Invaders Out or Open the Gates for Them?

We could run the world if only we applied the same resilience; innovation and cohesive spirit to leadership that we do to dealing with the challenges facing South Africa.  Uncertain power supply alone is enough to bring our economy to its knees and with it, comes intense exposure to cyber security threats.

Banks and trading firms are especially vulnerable as they can be exposed to losses that go far beyond anything financial models can predict.  This is not even taking into account what is often referred to as the impact of the butterfly effect (more accurately described as Newton’s third law of motion) – every small localised action has a significant consequence elsewhere in a complex system.  This is where our bad cyber habits come into play – often with disastrous results.

In this highly interconnected world, with its multiplier effects,  all a hacker needs to do is to find those admin passwords, for example – truly the keys to the kingdom – that will unlock each secret silo and rip out the soul of an organisation.

Medieval Warfare – Firewalls, Trolls and Trojans- versus Unrestricted Warfare

 Technology is extending the modern battleground to a degree of virtual infinity where security professionals are the protectors of our universe and need to fight fire with fire but definitely not build more walls if we are to win a war that has no limits.

So it comes down to a question of cyber resilience versus anti-fragility – what does this mean?

To be clear, if our adversaries are radically innovating, we cannot ignore the much debated phrase of “information wants to be free” (in the context of hacking, leaks, disclosures and quantum computing). If we accept this concept as true, we must accept that what will matter most is the resilience of information and not security.   Making information resilient is a far better defense strategy than attempting to make information secure and failing.

Is it possible then to build a better system that doesn’t just survive attacks but actually thrives on them?

Let’s unpack this.  If you dig up bindweed – a climbing herbaceous perennial – each broken piece will grow into a new more robust and flexible plant, it actually thrives on disruption.

The idea is not to predict attack attempts but rather to build robustness in the face of negative events and to exploit positive events.  For example, if we could be notified in real time of negative gaps in our cyber hygiene we could potentially defeat hackers, as they would hit a ceiling at some point when the collective whole is firing back patches into our security frameworks.  Much like the human immune system, it learns to deal with intruders and becomes stronger with every attack.

So the answer to the question above is – yes – we can build systems that thrive on attacks.