SCIT - Latest blog entries Mon, 02 Feb 2015 06:57:13 +0000 Joomla! - Open Source Content Management en-gb "Dispelling The Myths Of Cyber Security" "Perfect security that focuses on eliminating threats is too expensive and impossible to achieve. Better to think about consequence management." Read the full article at DarkReading.

Read More]]> (Arun Sood) Uncategorized Wed, 04 Jun 2014 00:41:21 +0000
Biology Inspired Cyber Security: SCIT the Digital Vaccine SCIT protects servers against known and unknown malware attacks, like a flu vaccine protects against specific known flu viruses and unknown future strains.

Vaccines have been successfully used to significantly reduce the risk of certain diseases. For 
example, the small pox vaccine has eliminated small pox. Polio vaccine is another success 
story. In both cases the vaccines, with requisite boosters, immunize the patient for life and are 
very successful.

On the other hand there are vaccines that have limited goals but are still very useful. The flu 
vaccine provides immunity against three specific strains and has to be applied every year. From 
among the many strains, the vaccine manufacturer research estimates the three strains that will 
be most prevalent and develops protection against these strains. Thus one can be infected by 
one of the flu strains that is not protected by flu vaccine. However, doctors note that if one is 
vaccinated, one may get the flu, but the flu vaccine reduces the intensity of the infection and 
speeds recovery.

There is another important reason for getting vaccinated - the vaccination not only protects the 
individual but also the community. For example, the flu vaccine is recommended by the CDC 
not only to protect individuals, but also to prevent the spread of the flu (fewer people getting 
the flu = fewer people spreading the flu) each season. In addition to the vaccine, everyone is 
encouraged to obey simple rules (wash your hands often) so as to frequently restore the system to 
a clean state, thus prevent spread of infection.

SCIT is a digital vaccine that removes the malware and viruses every cycle (the short period 
of time the active virtual machine is online). Like the flu, new variants of the malware 
continuously appear, and restoring systems to a clean state (like washing hands) reduces the 
chance of infection. The cycle duration is chosen by the user – as short as one minute or as long
as a hour. SCIT servers are protected from long presence of the malware or virus on the servers 
– thus making it difficult to infect other servers in the system. SCIT server damage is limited 
by the duration of exposure time of the server to the internet, and the automatic recovery to a 
pristine state is included in the SCIT server cycle. SCIT technology complements the current 
reactive systems like firewalls, IDS and IPS; and leads to further reduction in malicious data ex-

Read More]]> (Arun Sood) Uncategorized Tue, 03 Jun 2014 02:09:19 +0000
SCIT Risk Mitigation and Consequence Management Recent examples emphasize the importance of consequence management and risk mitigation strategy implemented in  SCIT.  I give two examples and then use these to emphasize the value of SCIT:

1.  Target: SCIT would not have prevented the compromise of their server, but would have significantly reduced the number of records lost.  In addition, Reuters recently reported that the presence of malware.binary was noted on Nov 30, alert was generated but no action was taken.  Reuters quotes experts to say that in the kind of systems deployed at Target, hundred(s)  alerts like this are generated every day.  The manpower required to process each alert would be a huge cost.  Thus, SCIT has a significant cost advantage.

2.  Heartbleed: CloudFare posted the issues and exploit strategy and argued that in practice such an exploit would be very hard, probably impossible.  Then they challenged others.  Within hours the site was breached.   If OpenSSL is used, fixing this is very labor intensive and time consuming, probably requiring certificate revocation.  What happens while all this effort is going on?  We suggest that SCIT can provide protection and minimize the data ex-filtration loss.

3.  Can anyone predict the next vulnerability or exploit?  I doubt it.  So what do you do TODAY when the next vulnerability is unknown.  You should consider a risk mitigation strategy.  SCIT helps. At a minimum, SCIT will make the criminals work harder, forcing them to penetrate over and over.  This exposes them more and potentially  leads to repeated alerts. The big point is that new, unexpected things are happening.  It was hard to predict Heartbleed and take protective steps before hand.  SCIT gives you assurance that no matter what happens damage will be minimal.  Compare that to other technologies. 

Read More]]> (Arun Sood) Uncategorized Sun, 20 Apr 2014 20:12:59 +0000