DailyPost 1038
CYBER BREACH RESEARCH CENTER AND LAB
Modern world finds ultimate happiness in groping in the dark while claiming to know the tracks and claim to be following it. We can see this story repeating in large number of areas / sectors. The ultimate manifestation of this ugly trait is found in the area of cyber security. From the IT companies creating secure softwares to the hardware, the networking, the data centers, the anti-virus cabal, the researchers, the IT security companies, the social media types are all party to this unbelievable trend. Their utility cannot be negated by saying it could have been worse.
Not in anyway belittling the role of the researchers with regards to WannaCry, locating lots of other breaches, Kasperesky / other companies researches on the likes of Lazarus, the NATO Cooperative Cyber Defence Center of Excellence in Tallinn their still remains huge crevices in every dimension of the cyber world, which is being mercilessly exploited by hackers of all hues and color. There have been a large number of major hacks in the last ten years. To all the efforts already being made, a dedicated Cyber Breach Research Center and Laboratory is the need of the hour.
A consortium of the the type of (ISC)2, all stakeholders worth in the field with a commitment to change, would run this Center. The intensive research would lay threadbare all angles; the modes operandi, the time taken to detect and why, the actors, the players behind, their connects, the signatures behind the front end ones, the vulnerabilities exploited, the hacking capabilities, the nature of data loss, DarkNet connects, the spies, the intelligence agencies, the sleeper cells and any number of other parameters. All this would be tested for its authenticity in scenario based laboratory pertaining from SCADA to Central Banks.
Real time dissemination of research findings should be at the core, to all who need. This authenticated research would throw up connects which would be one of its kind with regards to hacking groups, their specialisation, their growth story, the trail, the master minds, the nitty gritty of modus operandi, the perseverance needed to hack, the knowledge et al. An immense treasure house which would guide us to Cyber Safety.
SYMPTOMATIC TREATMENT WILL NOT WORK FOR CYBER SECURITY.
Sanjay Sahay