COMMENTARY:
Cybersecurity Awareness Month this October has been quite eventful. Just within the first 22 days of the month, the industry has been stricken by a slew of devastating security or availability incidents, such as attacks on
Palo Alto Networks,
F5, and Monday’s
AWS outage.
It’s not the first time we’ve faced these threats. The dangers of excessive dependence on large entities and the downstream supply chain have been well understood by security pros over the past several years.
[
SC Media Perspectives columns are written by a trusted community of SC Media cybersecurity subject matter experts. Read more Perspectives here.]
Some notable examples include the 2020-2023 semiconductor crisis impacting Apple’s iPhone production, the automotive industry’s parts shortage during COVID-19, and the 2021 blockage of the Suez Canal by a container ship. Another example: the latest U.S.-China trade war where China uses its dominance in rare earth element production as a counter to U.S. tariffs.
Cloud service providers at the center of activity
Cloud Service Providers (CSPs) such as AWS offer significant advantages over on-premises data centers with their massive scale, geographical distribution, and resilient automated, and fault-tolerant design.
The CSPs offer a rich set of services, such as serverless computing, databases, AI/ML, and big data and analytics, along with a slew of specialized capabilities. Certain workloads such as Generative AI lend themselves well to decentralized or edge data center models for local inferencing and minimizing transaction latency.
However, decentralized clouds such as AWS Outposts, Google Distributed Cloud (GDC), Azure Local, or IBM Cloud Satellite can potentially create incremental value at the expense of resiliency and failover protection.
The attractiveness of CSPs and the lack of compelling alternatives makes it infeasible to avoid CSP architectures, and yet the need for business continuity and cyber resilience has become paramount for most businesses.
Interestingly, a similar problem was first identified and subsequently solved after World War II with radio guidance systems for Allied torpedoes that used spread spectrum and frequency hopping technology to defeat the threat of jamming and interception by the Axis powers.
The spread spectrum techniques mitigated against a wide range of radio signal issues by making the signals more resilient against frequency availability, jamming, as well as interference, degrade and fading. Also, the signal can appear like low-power background noise making it harder to identify and intercept.
Spread spectrum inherently leverages principles of resiliency engineering – the practice of designing and engineering systems that can withstand, adapt to, or quickly recover from failures and unexpected conditions. Rather than focus on prevention alone, resiliency engineering lets organizations “fail fast” and build an environment that can horizontally “scale out” to ensure continuity of operation even in the face of unforeseen issues or real-time conditions.
How self-healing infrastructure can help
We can now apply the concepts of spread spectrum to modern cloud and internet communications to raise the standard for security and availability. Gartner has cited
“preemptive cyber defense” as the future of security, in which military concepts such as concealment, moving target defense, and use of deception technology can create defense-in-depth for organizations to improve their security posture.
The industry can also use these technologies to bolster resilience through a "self-healing" architecture. We can partition information of value across multiple channels with availability and risk context for the underlying infrastructure and capability to execute auto-failover.
CSPs can add these self-healing capabilities to their communications to create “tunnel-less” overlays and mesh architectures that are resilient across multiple high availability zones or multicloud environments and offer a higher service levels. It also promises to help the enterprise protect both the physical edge or cloud locations while bolstering resiliency across the first, middle and last mile.
While it’s impossible to accurately predict the future, the need for such systems will only intensify with today’s geopolitical considerations and critical infrastructure needs. Monday’s AWS outage underscores the need to eliminate single points of failure by intelligently coupling modern resilient overlay architectures along with the services CSPs offer. This combination of new technologies and services can usher in a new era of security and resilience for the enterprise.
Rajiv Pimplaskar, chief executive officer, Dispersive HoldingsSC Media Perspectives columns are written by a trusted community of SC Media cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.