Humans are often the weakest link in security due to a lack of awareness and training
Standards Development should also evolve to be less focused on independent development of new technologies, but on the conjoined development of technology with Computer Immune System (CIS) and AC principles. The minimum requirements for each new computer system, network architecture, or application will be self-identifying properties. In today’s modern computer era, new applications (primarily in the mobile domain) are being developed at a rapid pace. For example, there are over 1.6 million apps for Android users and over 1.5 million apps for Apple users. With standards to govern the development of applications that are focused on AC and CIS principles, we will be poised to prevent, detect and subsequently eliminate any dangerous foreign activities or code implants.
Vulnerabilities will be automatically detected with CIS’s ability to recognize new infections. As mentioned before, this ability hinges upon the system’s awareness of self. Once new vulnerabilities are identified, the self-healing properties will be applied and the system will be automatically patched. Current methods of assessing vulnerabilities are performed during post-technology development and periodically during its use. Manual scanning of critical software is not adequate to keep up with emerging threats and will continue to be an issue into the future.
AC and CISs can also govern Computer Network Exploitation and Attack principles. Similar to how an adversary infiltrates government networks and embeds code on a computer system for command and control, AC and CIS can be leveraged once an adversarial network is threatened via Computer Network Exploitation (CNE) and Computer Network Attack (CNA). AC and CIS will be used for a persistent presence on an adversarial system of interest.
Interested in Sabre Systems?