Here is why we think it is a big deal:
Over the last decade, the paradigm for cyber security has largely been perimeter control and signature-based heuristics. This approach breaks down severely in the era of cloud and edge/IoT (running services on another’s infrastructure). Costs have also skyrocketed, especially in the log ingestion and analysis space.
MSI’s purpose is to break through these limitations and eliminate the barriers that keep organizations from flexibly inspecting their assets across hybrid environments, anywhere and anytime. MSI instead takes a data-centric view of the assets to be protected, whether on premise, at the edge or in the cloud - focusing on applications and configurations that should be constrained via established security policies.
Every digital asset on the network (virtual machine, firewall rules, event data, configuration files etc.) is assigned an immutable digital twin. These digital twins can be handled at scale thanks to the KSI blockchain – a universal trust anchor that provides mathematical proof of correctness without the complexity or credential compromise potential of PKI. With these digital twins, an organization can cryptographically prove the integrity and provenance of the asset, all the way back through the digital supply chain. Once cryptographically sealed with the KSI blockchain, the digital twins can be shared across platforms, boundaries and hybrid environments such that they are independently verifiable (they don't need a trust relationship for verification).
Verizon’s MSI Service, powered by Guardtime, can answer questions like:
How do I prove that virtual images, network configurations and other digital assets are authentic, reliable and from a credible source?
How do I prove in real-time that federated operations teams are managing their services in accordance with a unified security policy?
How do I eliminate manual processes and establish automated mechanisms to ensure integrity of digital configurations?
How can I prove chain-of-custody and provenance for all digital configurations throughout the lifecycle?
Verizon MSI allows an organization to bind its security control policy rules to the actual asset and report on how that digital asset is interacting with the world across federated boundaries (who can access it, how it can be changed etc.). Any out-of-policy change in that asset represents a high-quality, high-priority security alert, so that CISO incident playbooks can now be engaged in real time for automated remediation (sandboxing, blacklist, de-provision, induce access lag, rollback to a last known good state, etc.). In this way, organizations can realize continuous compliance and real-time incident response.
This is just the start. We have a roadmap that addresses many 5G edge applications, from autonomous vehicles to industrial automation, and addresses issues such as how to expand cyber insurance beyond entry-level cover: issues that require continuous monitoring, real-time breach detection and immutable proof over who did what when.
Over the next weeks we will be publishing a series of blogs on what this means for 5G, edge, cyber-insurance, data sovereignty, cloud migration, cloud security, SOC Audits and public sector cloud transformation.
Watch this space!
For more information contact us at office[at]guardtime.com