In cyber space, it pays to pay attention

The ability to imagine the future the tendency to do so rather inaccurately is a uniquely human quality. Lest we forget the faulty real-estate asset valuations and risky gambles some financial services firms undertook. That inability to "get it...


The ability to imagine the future the tendency to do so rather inaccurately is a uniquely human quality. Lest we forget the faulty real-estate asset valuations and risky gambles some financial services firms undertook. That inability to "get it right" in the midst of plenty of relevant information saw us enter into one of the worst economic downturns.

Now, while we do imagine creatively (flying machines, submarines, Internet, smart-phones and electric cars to name a few) it is still difficult for us humans to get the future right, because of some familiar limitations.

First we are locked in the present as we try and predict the future, or in other words, the future almost always looks like a different version of the present, at least for most of us. And second, we are very self centred [ego preserving] in our forecasts. We can get stuck into believing that our own point of view reigns supreme, and that when we evaluate our claims against those of others - we will doubt those of others.

Let’s say you regularly drive your car down a route home-bound and we'd like to evaluate your driving behavior. For this test we've created 3 driver proficiency categories. You are either someone that drives in “auto-pilot” (you turn at appropriate times and drive at the posted speed), you are a directionally challenged driver (and a lost cause) or you are an individual that is extremely in-tune with your surroundings.

If you find yourselves in the last category - you are likely an excellent driver. You know the distance of your car to the next. You observe the erratic behavior of a truck 20 feet ahead and two lanes across. You are tracking the changing weather conditions. You are aware. Actually, there is a term you don’t fall into: Driving Without Awareness (DWA): someone in a state where there is no active attention to the task of driving.

Congratulations, you’ve managed to free yourself of simply focusing on the precise task of driving and are meta-driving. You are pretty good at making forecasts because you are not totally centred on yourself, and instead you are actively absorbing (and filtering) information from your environment. And in relationship to the introduction of this blog, you are someone that does not ignore subtle cues and signals.

If you were to program all those keen skills into a next generation drive-assist system it would have features such as defensive driving heuristics, map-based reasoning and experience based traffic prediction. Moreover it would be smart enough to respond to changing situations with more acuity with or without you in the loop.

And so it is also true that the goal of better understanding our surroundings to help predict or direct future events exists all around us: air-line traffic control, supply chain management, in the battle-field, doctors and other critical decision makers must all maintain some level of situational awareness in dynamic and tricky environments.

The process of raising that situational awareness barometer starts with differentiating status (of something) from events and thus relying heavily on surveillance (more passive monitoring) and reconnaissance (actively targeting someone or something) to recognise and eventually predict errant behavior, the terrain and environmental conditions, track targets and sense indicators and early warning signs.

Think of an air traffic controller and the tools they need to get and maintain the right attention to track fast moving objects from colliding with each other in mid-air.

It is increasingly apparent that in Cyberspace (as in land, air and sea) there is virtual terrain and dimensions of time and space. To conduct commerce, serve citizens and communicate in Cyberspace without some sort of handle on one’s surroundings is akin to walking in a dark alley. It’s out of the question.

Organisations, of course, rely on intrusion detection systems, event monitoring, incident response and readiness teams, anti-virus scanners and well managed applications and operating systems. Hopefully that pristine infrastructure or application is under a digital microscope where anything that is out of place or odd will be observed and reacted to.

The challenge is that observation or witnessing an event, is again different and harder than forecasting or predicting an outcome.

For example, consider a trusted insider that is observed downloading sensitive files for an extended period of time - after hours. On the surface there may have been no reason to doubt any misuse of privileges.

There may have been no “rule-breaking" behavior. With some projection and connection of the dots, there may be an opportunity to prevent a serious incident of data theft. Consider, if that same individual 4 months earlier was placed on administrative leave and 1 year earlier had visited a web site that is known to distribute malware.

The point is that most of today’s security systems to help gleam what’s happening, what has happened and what is about to happen are either disconnected or not in place at all. No more poignantly was this illustrated than last Christmas when intelligence agencies failed to join all the dots to prevent the attempted attack on Northwest Airlines.

As we live, work and play in cyber space - organisations and all of us must raise our own situational awareness and in different ways. Whether it’s changing passwords on a regular basis, updating anti-virus definitions or avoiding that tempting link in our emails.

Organisations and government agencies must also up the ante in terms of accurately detecting suspicious behavior, putting in place credible deterrents and automating responses that will minimise the impact of a potential threat actually occurring - whether that threat is known or unknown. They must also get better at working with a wider latitude of information that originates in cyber-space and must be correlated to the physical world*

Walid Negm, Director of cloud and security offerings, Accenture Technology Labs

"Recommended For You"

Nvidia unveils Pegasus, an AI computer that can power fully autonomous vehicles BMW: 5G is key to self-driving car deployment