After the SolarWinds hack, we need contact tracing for our data
Posted February 18, 2021
- While the attack on SolarWinds software is arguably the most significant state-sponsored hack we’ve seen in years, it’s more than an isolated incident. It is emblematic of a constant reality of the digital era: We’re all likely to get hacked at some point. Our ability to respond determines our ability to operate. Digital security is now a broad governance imperative.
- It takes a company 207 days to identify that a breach has occurred, and another 73 days to contain it.
- A victim’s fundamental questions are, “Who has accessed our data? Which data, when, and why?” In other words, the ability to trace all contact with sensitive data is vital.
- Applied to digital systems, contact tracing could become a powerful security technique.
- The idea is for organizations to be able to share details of how they were attacked and what was targeted—the who, what, and when—as quickly as possible with other organizations.
- This concept could help organizations identify breaches sooner and remediate faster and more effectively. Through sharing, attack techniques could be more thoroughly understood, and with the right reporting mechanism, the resulting threat intelligence could be shared to help more organizations avoid a breach in the first place.
- Data contact tracing could dramatically shrink the “dwell time”—the period between detection of an attack or compromised system and notification to the world.
- The technology exists to contact-trace our data and to automate the real-time extraction of insights.
– Doug Merritt | February 18, 2021