Before we list our top ten security threats for 2008, let us take a moment to review the current situation in cyberspace and how that maps to complex event processing.
First, you might be asking yourself, Why is security and risk management important to complex event processing?
Cyberspace today is not much different than the airspace was many decades ago. In the earlier days, folks learned to fly airplanes and launch rockets long before they learned to track, trace and identify them. However, over time, as sky and space became filled with planes, missiles, spacecraft, space junk, and other flying objects, the technologies to track, trace, identify, assess, predict and react to situations that emerge around these flying objects were greatly refined.
The same holds true in cyberspace today, as it was in the early days of flying machines, rockets and missiles.
We have rapidly expanded our ability to transact business, socialize and share information in cyberspace, but we are far behind on our ability to trace, trace, identify, assess, predict and react to situations and composite events in this new frontier.
Cyberspace has become a critical and riskly place. We need to make cyberspace safer; there is little doubt nor argument on this situation. Everyone agrees.
Recall from this earlier post, Security Event Management (SEM) with CEP (Part 2) – Trends in Cyberspace, and the figure (in that post) from IBM that depicts over 200,000 various malware in cyberspace. The number is growing exponentially, it seems.
Cybercriminals, cyberterrorists, sociopaths and other antisocial people currently have a great advantage over all of us. The capabilities of miscreants to launch attacks in cyberspace far exceeds our ability to trace, trace, identify, assess, predict and react to situations and composite events in real-time.
Complex event processing is a technology which, implemented correctly in a distributed computing model, has the potential to even-the-score and bring increasing more balance to the current risk imbalances in cyberspace. My “getting long in the tooth” years of experience in cybersecurity is one of the main reasons I am interested in CEP.
Before we get to our top ten list of security threats for 2008, let’s spend a few bytes on reviewing the relationship between threats, vulnerabilities, criticality and risk. I’ll discuss this in more detail my next post in this series.
And, as always, thank you for visiting!