In our modern world we are accustomed to constant monitoring, be that video, email, or our browsing history. We accept (as terms of service) the complete loss of anonymity, and often-even identity all in the name of Siren servers* and the services they provide.
But where are these services when it comes to protecting our data? Name-your-huge-retailer is more than happy to collect every click, and nugget of shopping data about you, and profile you into a category (35-50, disposable income, mid-level shopper). But what about using those techniques to profile would-be thieves and malicious actors, using that ‘spooks’ level knowledge for good (rather than for cash). Why can’t we profile the malware makers, code wranglers, and exploiters?
Business models are so concerned with bottom lines, stock prices, and share holder expectations that end users are lost, customers are lost, and so is our humanity.
I am suggesting that if we valued the relationships we have with our customers like we used to, you know in the way back days, if we treasured that data entrusted to us we might be able to do something useful (would Floyd the barber ever allow his customer list to leak out?) . Lets imagine a world where the identity, and PII of our employees and customers was more than a headline or press release.
Where is the Intelligence in Threat Intelligence? Maybe it’s a shift from HumINT (that’s Human Intelligence for you non Military types) to CompuINT? (Is that a word for Computer Intelligence?). The problem might be that we are not savvy like we used to be, remember the cold war? (I don’t) but I can read. We had to worry about Russians under every table; your neighbor could be a spy. Guess what, that browser plugin is a spy, the website your using is a spy. Threat researchers need to see the inherit THREAT in that.
Siren (stealing Jaron Lanier again) servers are collecting mountains of data about us, more about us than we know about ourselves (give me an hour and I can tell you about cousins you don’t know, guess your high school, street you grew up on, or first pets name, and if you’re a millennial its 20 min because I just use Facebook and snap chat). But who is watching the Sirens? Who protects us not from them (different blog) but who protects them (from theft of data)? Why bother as an attacker to steal your data from you when I can steal it from your dating website (see how I ambulance chased that?). Why is it ok to allow these websites this much data? Do they need it? Do you?
It’s a spooky world we are moving into, maybe one where we need to challenge human behavior (and narcissism) to really combat the growing issues we have. Will biometrics solve the identity issue (what happens when that’s hacked? hacking the sensor is easier).
How much data do you collect in your enterprise? Why are you not leveraging that to better profile human behavior? To know what and why your users are doing the things they need to, and should be doing on your network and with your precious data.
Are you talking to your board like this? Talking about human relationships? Talking about what data really is? Why it’s really valuable, and what trust means? I’m not talking about windows, or domains, I mean why don’t you shop at the large retailer now? Why don’t you use your credit card online? Why don’t you turn on your Bluetooth at DefCon? Or do you?