Walls defended cities for millennia against attacks from invading armies. Their worth was proven time and again. It was safer for the defender to stay locked indoors, with food and water in stock, and weather it out till the resources of the attacker were depleted. Siege warfare was won by patience and a strategy of attrition, as well as by sound wall engineering and smart allocation of defending resources. From the fourth century till the beginning of the Renaissance the glorious city of Constantinople was defended successfully against waves upon waves of foreign invasions from all directions thanks to one of the finest and strongest walls ever built. But on 29th May 1453 the Walls of Constantinople came tumbling down, and along with them came the crushing end of the Eastern Roman Empire. The Ottoman conquerors had destroyed the city walls using a newly invented technology: the cannon.
Security in the corporate world is also entering a new era where the attackers are no longer dissuaded by walls and firewalls. Defending the perimeter has been a successful strategy for decades, but it is becoming increasingly expensive to maintain. Like Constantinople and the walled cities of the past, information systems can be compromised from within as well as from without. Security experts rely too much on enforcing compliance so that employees do not go rogue with non-approved cloud-based systems and services, but this is a fight that cannot be won, especially with millennials entering the workforce. Digital natives love freedom and it is just too hard to limit them behind walls and "don'ts". It is too easy for sensitive company files to migrate from secure depositories onto a file system in the cloud, without the perpetrator necessarily having any malicious intent.
Moreover, not unlike the Ottomans of 1453, the cyberattackers of 2016 are contemptuous of walls: they are equipped with a host of new technologies, which they can use to break defences, burrow inside systems, and wait for the opportune moment. One of their biggest "cannons" is, of course, Artificial Intelligence. They can confuse security experts with multiple false positives and ultimately render security systems obsolete. It only takes a flood of logs and SIEM (Security Information and Event Management) events to have analysts scamper around to determine what is a real threat and what is not. Cyberwarfare based on artificial intelligence, machine learning and predictive analytics is changing the game and demands new approaches, strategies and, most important and most difficult of all, a new mindset for systems security.
Several startups have already begun experimenting with various approaches to using AI for security. One of the most interesting approaches is using the human body as a paradigm: invaders such as microbes and viruses are fended off by our immune system, so why not copy the same mechanism? Gerald Edelman, the Nobel laureate who discovered how the immune system works, would have been proud of such creative out-of-the-box thinking. Indeed, Edelman had the unique insight that the human brain may also be working on a similar principle: neurons forming groups through adaptation to regular or frequent signals. Machine Learning seems to verify his insight, with neural nets monitoring systems and user behaviour for anomalies and thus "learning" how to defend effectively against real threats. But, as said, the hardest issue for companies and organisations is to change their mindset and realize that the age of walls has ended. Defending the perimeter will not cut it anymore. Like the defenders of Constantinople, those who persist with the methods of old will soon discover that the enemy has already entered their city. And that their wall is no more.