January 12, 2017

Digital Trust – Security in the digital world

BY :     January 12, 2017

Digitization is here to stay and we could either hide from it or embrace it, but as you remember from the times of old, sooner or later you would still be found. The embracement means that our processes with the assorted paper trail go digital. Here is the thing about digitization that few understands: The paper trail disappears. What´s on the computer is the truth as there is no proof otherwise anymore.

When everyone is thinking of all new ways we could use IOT, move our life into the devices and in general be more efficient in everything involving information it is my task to make sure that you all could do that and trust that the computer doesn’t say no.

The last number of years we have seen a very large increase in attacks, not only standard Trojan attacks but DDOS, attacks on IOT, attacks on industries, power grids and attacks on our political systems using computerized attacks. We have been trying to fend those of with traditional security but to no avail. We are lagging behind. It is time to start working differently with security and move far beyond the traditional setup.

Security testing, secure coding, and surveillance, to name a few, will still be brick and mortar in the digital world but what we need is to implement functions to guarantee the integrity of the information and systems. Not only do we need to be sure that they are more or less non-hackable but even more do we need to have extensive logging of transactions that are built on non-repudiation, that are built on a guaranteed extensive identity management governed by a trusted party, that contains a trust in the full transaction, no matter the device or geographical placement of said device.

This is called Digital Trust. The security department will not be the ones providing only firewalls and secure testing anymore but the one helping you guarantee the trust in the systems, that provides all the help needed for your customers to feel that they could trust your company, that not only secures the systems but have the automated functionality to quickly identify and rectify an integrity error before this is even noticed by the users. There will be errors, there will always be errors, there will always be attacks, some even successful, but it is the Digital Trust-department that should manage this by implementing integrity in all solutions, not only confidentiality and availability.

With digitization comes Digital Trust. Without Digital Trust digitization will fail.

 

Jesper Kråkhede

About

Jesper Kråkhede has had a long and diverse career within as disparate areas as social worker and security architect. From 1995 till 1998 he worked as a social worker/IT-responsible but decided to quit the same day a client tried to stab him with a screwdriver. After attending different courses he started as an infrastructure consultant at MercatoR 1998 where he started looking more deeply into the field of security. 2001 he moved on to G2 Solutions for a year where the focus area was secure coding. In 2002 he joined Capgemini as an infrastructure engineer and soon began to build a security practice. As Jesper is a very curious person he has worked in all fields of security from pen testing to security strategy but the last eight years his primary focus has been security architecture and compliance.

More on Jesper Kråkhede.

Related Posts

Your email address will not be published. Required fields are marked *

8 + 2 =


    *Opinions expressed on this blog reflect the writer’s views and not the position of the Sogeti Group