There are more connected devices than people on the planet, says IBM Security Vice President Caleb Barlow. We have to shift our thinking now about how we manage device security.
TechRepublic's Dan Patterson sat down with Caleb Barlow, IBM Security Vice President to discuss how AI, IoT, and big data will shape the future of cybersecurity. The following is an edited transcript of the interview.
Dan Patterson: What is the impact of the Internet of Things (IoT), the data that may or may not be wiped from the GDPR, and the emergence of artificial intelligence (AI), machine learning? If we look at all of those trends combined, each one of those is a macro trend that will have its own lifecycle. But they are interwoven: IoT, machine learning, and security. What is the impact of those things, those mega trends on GDPR, post GDPR?
Caleb Barlow: Well, that's quite the question because there's a lot of big issues combined in that question. First of all, with IoT, I mean everything now is connected to the internet. Billions and billions of devices. There's only 7 billion or so people on the planet. There's many, many more devices now that are connected to the internet. All of those things have an address. All of those things potentially have a vulnerability. But, of course, one of the biggest challenges with the IoT is that many of these devices when we talk about a thermostat or a pump or a valve in the industrial setting, they're installed once, and you forget about them for the lifetime of the device.
SEE: Information security policy (Tech Pro Research)
We have to shift our thinking to this new world where if it connects to the internet, you have to have a way to update it in realtime over the wire. I'm talking not just about your thermostat and your fire alarm, which are now connected to the internet. I'm talking about your car, right? I actually had to do this last week. I not only got my car's oil changed, I had to give my car a software update because there were things that were not working right. That's going to become more and more commonplace, okay?
Then we bring the GDPR into it where we're now very limited on knowing where are these devices. Who's behind them? Oh, it's part of a botnet. It's coming from this address, but I don't know whose house that is.
This becomes really difficult to manage this environment where an attack surface is growing like this, at the same time, we're trying to decrease the amount of private information. These two things are required for good security. You've got to know who's behind it, and you've got to reduce the attack surface.
Unfortunately, we're reducing the information of who's behind it. At the same time, we're increasing the attack surface.
Dan Patterson: And machine learning.
Caleb Barlow: Okay.
Dan Patterson: Let's throw AI into the mix here.
SEE: IT physical security policy (Tech Pro Research)
Caleb Barlow: Let's throw AI into the mix here. You're not going to get through all of this with human beings. An average security operations center at a mid-sized company receives about 200,000 security events a day. Now, that's everything from Sally forgot her password 10 times and then remembered it, could be a security issue, to your mobile phone moved from New York to India in two hours. Seems a little odd. You can't even fly on a plane that fast, right? All of these things have to be looked at and investigated.
We have some operations floors now in IBM, that are getting upwards of 30 to 40 billion events a day. You are not getting through that with human beings. You have to use the machine to augment people and say, "Look, these things I can prioritize through. I can correlate these events. I can determine what's what. I can automate some of this," and only put the really interesting stuff in front of a human being to look at and say, "What actions would you like to me to take? I've already investigated this. Here's what I know."