We read with great interest Cisco’s John Oltsik’s vision for next-generation cybersecurity in a Network World article. In the article he listed four pillars of data security. The second one – data tagging - caught our attention:
Sensitive data identity tagging. I’ve been squawking about the need for standards in this area for years. If some piece of data is classified as sensitive, it should be tagged as such so every host- and network-based security enforcement points knows its sensitive and can then enforce security policies accordingly. Are you listening to this requirement, Adobe and Microsoft? Cisco is making progress with its TrustSec/ISE technologies, but it would be incredibly helpful if the industry got together and agreed upon more universal standard data-tagging schemas and protocols. Think of the possible ramifications here as they are pretty powerful. With a standard tag, every DLP device could easily detect and block an email when a junior administrator uses Gmail to send a copy of the HR database to her home computer. Employees could use Box, Dropbox, or any other file-sharing services because the files themselves have their own “firewalls.” Finally, all endpoints (inside or outside the organization) could enforce DRM policies without the need for goofy proprietary software agents. Good stuff.”
Hmm, imagine that. A global tagging system for electronic data. With Estonian Government support Guardtime engineers have spent seven years designing and implementing a massive-scale keyless tagging system for data – one where every digital object and event in cyberspace is automatically tagged to verify the integrity and authenticity – without relying on keys or trusted parties. Oltsik points out DLP is a use case – and that is one of limitless possibilities. Spam, phishing, malware, the insider threat – all of the problems that plague digital society today can be effectively eliminated with a global scale tagging system for data.
Here’s a question. Where was General Keith Alexander the day that PRISM made the news headlines. Answer: he was in Tallinn, Estonia and is wasn’t for romantic walks in the old town. John, we extend to you an open invite to Estonia – digital tagging is real and is a reason why Estonia has the lowest level of cybercrime in world. As the world’s foremost digital society they are very, very good at cybersecurity.