Imperfect knowledge security


Flask Data provides a one-stop cloud subscription for EDC, data management and statistics.

Keeping the organization robust in a highly dynamic threat environment

Our capacity to predict will be confined to . . . general characteristics of the events to be expected and not include the capacity for predicting particular individual events. . .Yet the danger of which I want to warn is precisely the belief that in order to be accepted as scientific it is necessary to achive more. This way lies charlatanism and more. I confess that I prefer true but imperfect knowledge. . .to a pretence of exact knowledge that is likely to be false.

FRIEDRICH A. HAYEK

“The Pretence of Knoweldge,” Nobel Lecture

Modern information security models usually assume a pre-defined defensive structure of  networks, systems, procedures, defenders and attackers – the properties of which usually specified by vendors (i.e. defining the problem by the solution).

The problem with such models is that, in reducing the organization to passive executives of defense rules in their firewalls, they ignore the extreme ways in which attack patterns change over time. Any security policy that is presumed optimal today is likely to be obsolete tomorrow. So – learning about changes is at the heart of day-to-day security management.

I recently started reading “Imperfect Knowledge Economics” – an extremely well written book by Roman Frydman and David Goldberg, (Princeton University Press 2007).   Our best practice with clients these days is to work with them to make their business more robust to high impact data loss events as opposed to installing silver bullets to prevent events that cannot be predicted. The notion of IKE is very appealing to me for the security space, since both attackers and defenders are working from positions of imperfect understanding (most companies don’t even have the faintest idea of what data is leaking out of their network). So – here goes a first crack at what I would call IKS – imperfect knowledge security (with my apologies and appreciation to Frydman and Goldberg).

The goal of IKS (Imperfect Knowledge Security) is to help develop a more insightful approach to security management. Our approach – IKS, does not seek to explain exactly how attack patterns evolve over time. We reject current security models that relate defensive measures to precise attack patterns that have been pre-specified in security technology developed by a vendor.

IKS constructs models of aggregate outcome (value at risk, security plans, cost of security) by relating them to   behavior of 4 basic threat entities (assets, threats, vulnerabilities and countermeasures). This behavior is represented mathematically using the PTA (practical threat analysis) model. IKS enables the organization to explore ways in which attackers can decide to damage the organization – and formalize the attack scenarios with “qualitative” conditions. By design, IKS models do not predict sharp changes, but they do generate qualitative implications – for example an uptick in Gmail traffic will be indicative of an organization that is vulnerable to data loss of company documents of Gmail.

Sadly, current information security models based on pre-defined attack behavior have failed miserably to predict and mitigate damage to the organization. The models and the systems they implement are flawed because they disregard a key feature of security attacks – namely that both attackers and defenders have imperfect knowledge in making their decisions.

Recognizing that our knowledge is imperfect is key to solving this problem.

Related Posts Plugin for WordPress, Blogger...

Flask Data is a technology company with a strong people focus. We are a diverse group of computer scientists and clinical operations specialists based in Israel, the US and India. We are accomplished at providing our customers with the most effective way to achieve high quality clinical data and assure patient safety. There is no single solution that works for every clinical trial. We work hard to understand your unique situation. We work with your team to develop the best solution to achieve high quality clinical data and assure patient safety the same day you engage with patients.

Flask Data – same data data and safety solutions for clinical trials.

Contact us to learn more

Tell your friends and colleagues about us. Thanks!
Share this