KSI changes the game
The introduction of KSI adds an additional and new critical capability for security professionals by providing a mechanism to prove mathematically the state of a network i.e the configuration of every switch and router, the state of every event log and data item in data stores can be verified independently from trusted administrators or in the procedures that define the security of that network. The implication is that if you can guarantee the state of your network then any unauthorized change in the state of that network represents an attack, whether internal or external, which can be detected with 100% certainty. It is the difference between searching for needles in a network and having real-time verification that they do not exist.
The Target Compromise
Let’s look at the Target compromise as a very recent and relevant example. Target still cannot answer the United States Congress if they have eliminated the malware inside the enterprise and if backdoors still remain into their customer records system(s). They are searching for needles as opposed to being instrumented from the inside-out with real-time awareness of every stalk of hay. With KSI, the Target compromise would have never occurred; as the compromised integrity of the credit card database configuration(s), machine reader software, and security layer components would have been detected in real-time and subsequently responded to.
Ronald Reagan understood the importance of verification. He was willing to trust his cold-war adversaries as long as there was a means for verification. KSI brings that verification mechanism to networks; you can choose to trust administrators and users of a network but you can also independently verify their actions.
Different assumptions lead to different conclusions and the inevitable conclusion of the widespread deployment of KSI, delivered as a service to world governments and global corporations via their telecommunication partners will be the enablement of “trust but verify” in cyberspace. And with an estimated three trillion dollar bill for ineffective cybersecurity it can’t come quickly enough.