DigiCorp Labs reported in a press release last week that it has been certified as an Independent Software Vendor (ISV) by Hitachi Vantara. Digicorp's innovative blockchain and Web3 technology coupled with the modern Hitachi Content Platform (HCP). Both designed to address Enterprise challenges for Smart City & IoT, Metadata & AI compliance and Cybersecurity & resilience. In this blog, I take a closer look at the holistic approach to cyber resilience: the combination of technical solutions and human factors to not only stay safe, but - even if only partially - stay operational and recover quickly.
Cyber attacks have become commonplace. Whether successful or nearly successful, even a limited attack can shut down an entire organization. With the rise of centralized clouds, our infrastructures are more interconnected and 'overall' more dependent and vulnerable. That vulnerability creates the need for cyber resilience: the "coping capacity" to both continue to function and recover quickly during a cyber incident. Cyber security focuses primarily on preventing attacks. Cyber resilience focuses on damage control and ensuring operational continuity.
The term resilience stands for "resilience": the ability of a system, person or organization to recover quickly after a setback without permanent damage. The focus is on resilience, flexibility and the ability to adapt to unexpected circumstances. Think of bamboo that bends with the fiercest storm but then straightens itself up again. That's what you want in a cyber incident: to bend along quickly and then recover quickly. Think of gum that initially appears to break when you stretch it, but recovers and then allows itself to stretch even further without tearing. This illustrates how cyber resilience works: flexibility and maintaining core functionality despite setbacks.
Our immune system is also an example of resilience: it learns from previous infections to deal with new threats better and faster. A cyber resilient system learns to detect and combat future attacks. But just like fire or airport security where only the affected part is isolated and the rest remains operational. It is like a sunflower rotating with the sun: a cyberresilient organization adapts flexibly based on changes in threats and therefore continues to "grow." This keeps the organization functioning resiliently, even under pressure.
Cyberresilience goes far beyond protection; it requires preparations to keep running and continuously improving in the event of an attack. The difference lies in their focus: security is primarily about prevention, resilience is about recovery and ongoing functioning. The basic assumption is that attacks will always occur and that organizations have the ability to continue to function - even if only partially - during a severe attack How do I set up my processes, technology and culture to ensure rapid response and continuation of critical business processes, even in times of severe digital disruption.
Resilience starts with decentralization and then compartmentalization of processes. Also controlled linkages between those compartments to reduce the risk of domino effects. Build redundancy into every process and provide backups if a system or process fails. Small portable, pre-installed data centers such as Digicorp's Edge box, which can be quickly placed in the network as a secure node. Distributed data storage makes it secure and even quantumsafe to protect. Take humans out of the process and use automated startup and recovery systems. And use AI and machine learning to quickly detect threats and provide targeted responses. And last-but-not-least, dynamic password-free authentication using active biometric recognition and analysis of specific behavioral patterns, or "zerotrust" like Digicorp's mobile DGMV ID solutions.
Cyberresilience is closely intertwined with Zero Trust, quantum-secure, continuous identification and dynamic data security. Cyberresilience must be built in "by design," fitting into the information architecture. Adding it later to an existing systems is impossible. Zero Trust is the principle of "trust nothing, verify everything. By default, systems never trust any user, device or application, even within their own networks. Based on "continuous identification. Every interaction is verified in real time using both biometrics, device identity and behavioral analytics to validate access. This is crucial for cyber resilience because it ensures that - even after an intrusion - internal threats are recognized and can still be isolated.
Quantum computing threatens within a few years - five to seven years? - to break our cryptographic standards. Therefore, using quantum-secure cryptography (such as lattice-based cryptography) now is essential. A Digicorp's quantum-resilient storage method "illogically" cuts up information and spreads it across multiple, decoupled nodes. By storing data in smaller, encrypted segments scattered within decentralized networks, it is impossible for a single actor to collect all the segments and perform decryption successfully. In addition, data diodes only allow information to flow in one direction. This creates read-only connections, provides more disconnection from critical systems and significantly reduces the number of attack vectors.
Cyberresilience requires a distributed architecture - such as blockchains and the new Web3 - in which systems and connections have self-healing properties "by design. Remain resilient despite attacks or technical failures. Decentralized security prevents one point of failure from bringing down the entire system. Decentralized blockchain storage prevents both data failure and data corruption. Built-in smartlayers ensure that transactional processes can continue to operate uninterrupted. Cyberresilience combines continuous validation, quantum-resilience measures and segmented - node and edge-based - architectures that are aligned to not have a smaller attack surface, but also ensure that the whole can continue to function during and after an attack.
Digicorp Labs is developing Enterprise solutions for this new, cyberresilient Web3 world. Passwordless applications such as DGMV-ID and secure communications such as DGMV-Secure Meets. Use of open blockchains such as DigiByte as a secure, decentralized database. With Digicorp's patented DGMV-SmartLayer, both NFTs and smart contracts can be created and managed in the blockchain to securely and immutably organize processes and data capture. In a dynamic and loosely coupled, compartmentalized set of hubs, nodes and edge devices. To nimbly and proactively both evade attacks and maintain optimal performance. In these "grid structures" of real-time and fast data, collaboration with robust central data platforms for big data, data lakes and analytics is essential. Therefore, partnering with Hitachi's Content Platform (HCP) is an essential step forward in enabling Digicorp Lab's Enterprise solutions to be widely deployed.
https://hanstimmerman.me/cyberresilience-kunnen-blijven-functioneren/
