Since October is National Cybersecurity Awareness Month I decided to share my thoughts on the evolution of our digital life and the aliases that the digital world have created for us, past and present. For some of you, you may be aware of a fictitious alias that haunts me (I will refer to it as Alias X.) While I am very aware of the story and people behind the legend, a digital persona going back to the late 1990’s is still associated with me and owns my Google SEO ranking as well as plenty of SPAM from curious individuals. In fact, it is an alias I cannot shake even after almost 20 years. My digital presence not only created by myself but also inferred by others has been a cyber legacy that equates to me as a human being.
With the evolution of the Internet, we have created aliases for chat rooms, email addresses, avatars and login credentials. They are all associated with us and serve as fingerprints to identify who the true individual or organization is behind any identity. In my case, the claims of my past represent my Cybersecurity fingerprint. From Alias X, you can find out who I am and almost everything about my family. Even though I am not Alias X, the link between him and I has been well established and unfortunately well documented.
Today, our Cybersecurity fingerprints are everywhere —from healthcare data to taxes. As we have seen in recent breaches, these “fingerprints” are out in the wild and can now tie us to the rest of our digital lives and the physical world via public records and other leaked information. Consider the 5.6 million people whose information was compromised via OPM. That data not only included names, background information, but also their actual physical fingerprints. It’s just a matter of time before criminals act on it.
So, what about the future of Cybersecurity? In order to protect ourselves, we will need to remove the concept of digital aliases. Microsoft has begun an aggressive marketing campaign with the launch of Windows 10 titled ‘The Future Starts Now’ around their vision for the future of technology and Cybersecurity to do just that—children that log in with their smile, identification with more than just a fingerprint, etc. While I have strong reservations about using biometrics for identification and authorization (in case the data is compromised), it presents the next generation of Cybersecurity. An absolute value of who you are, without the need for aliases that leave bread crumbs for someone to research and figure out your true identity and relationships.
As for Cybersecurity in the organization, IT security teams need to think beyond passwords as their primary method of protection against threats. Register for our webinar titled ‘Passwords – then what? A roadmap to complete privileged identity management’ featuring guest speaker, Forrester Research, Inc. Vice President and Principal Analyst, Andras Cser on November 4th.
Morey J. Haber, Chief Security Officer, BeyondTrust
Morey J. Haber is the Chief Security Officer at BeyondTrust. He has more than 25 years of IT industry experience and has authored four books: Privileged Attack Vectors, Asset Attack Vectors, Identity Attack Vectors, and Cloud Attack Vectors. He is a founding member of the industry group Transparency in Cyber, and in 2020 was elected to the Identity Defined Security Alliance (IDSA) Executive Advisory Board. Morey currently oversees BeyondTrust security and governance for corporate and cloud based solutions and regularly consults for global periodicals and media. He originally joined BeyondTrust in 2012 as a part of the eEye Digital Security acquisition where he served as a Product Owner and Solutions Engineer since 2004. Prior to eEye, he was Beta Development Manager for Computer Associates, Inc. He began his career as Reliability and Maintainability Engineer for a government contractor building flight and training simulators. He earned a Bachelor of Science degree in Electrical Engineering from the State University of New York at Stony Brook.
