Categorical Trust in Digitality
Ebook, 308 pages, 2 hours

About this ebook

Categorical trust in digitality is nirvana for information technology (IT) and operational technology (OT) convergence from device manufacturing to provisioning, commissioning, and field operations in production environments. It may not require expensive hardware upgrades to legacy devices and may be achievable with cost effective software or firmware enhancements, to extend the operational lifetime and efficiency of brownfield and greenfield devices in production environments. Retrofitting trust in the minefield of unprotected devices already in existence is essential for interoperability and integrity of long-lived inter-connected systems.

Smart devices designed for the Internet of Things (IoT), industrial IoT, and operational technology (OT) in the emerging era of digital transformation require protection by design for cyber resilience. Cyberattacks by nation state actors and cybercrime syndicates cause system outages and disruption of essential services. This book is a call to action – for silicon chip makers, equipment manufacturers, managed security service providers, device owners and operators, to begin the journey towards collaborative cyber protection.

The traditional information technology (IT) detection and prevention methods based on threat models are inadequate to defend the billions of devices that are an intrinsic part of our daily regimen. It's essential to adopt protection models based on risk for modernization across all sectors – smart factories, smart cities, smart grids, smart transportation, smart homes, healthcare systems, aviation systems, public utility systems, defense systems, and law enforcement systems.

The power of scientific and technological innovations offers opportunities to transform and reform the way things are and the way they ought to be. If the past three decades are a gauge of the power of innovation, then the next three decades will be a harbinger of the power of transformation.

Over the years, there have been multiple waves of technological evolution. We've seen evolutions from analog to digital over copper, and then from copper to fiber, and fiber to wireless. Soon after that, we advanced from on-premises to cloud data centers, and then from local applications to online applications, then local storage advanced to cloud storage. All these advancements were remarkable endeavors.

The second wave of inventions included virtualization, cloud computing, high speed connections, software defined networking, online applications and remote services. All these advancements have shaped a global economy.

This book emphasizes that the third wave is coming. Recent advances in silicon technologies, field-programmable gate arrays, edge computing, zero trust models, artificial intelligence (AI), machine learning (ML) and deep learning (DL) collectively provide a platform for digital transformation at scale.

Data is the digital currency and trustworthiness is the measurement of digital intelligence. Devices dominate every aspect of our daily living at home, in public, and at work. Digitality and Cybersecurity (digital military) will inevitably shape the future of humanity in profound ways. Even as humans are intensely "machine learning", machines are reciprocally "human learning". Therefore, categorical trust in data and devices is imperative.
Language: English
Publisher: BookBaby
Release date: Dec 10, 2022
ISBN: 9781667872483

    Book preview

    Categorical Trust in Digitality - Srinivas Kumar

    Categorical Trust in Digitality

    ©2022 Srinivas Kumar

    All rights reserved. This book or any portion thereof may not be reproduced or used in any manner whatsoever without the express written permission of the publisher except for the use of brief quotations in a book review.

    print ISBN: 978-1-66787-247-6

    ebook ISBN: 978-1-66787-248-3

    CATEGORICAL TRUST IN DIGITALITY

    As the karmic cycle of human innovations and cognitive genius unfolds a digital culture, a higher level of thinking with a meta-conscious mind will become necessary to deal with the unintended consequences of digitality.

    The journey to digital transformation and civilization begins with a change in mindset as the top line, and the courage to step outside the comfort zone as the bottom line.

    Give the innovators you want, the freedom to fly, the incentives to return, and the encouragement to stay.

    Dedicated to, and in fond memory of, my parents who taught me that honest, industrious, and selfless duty is life’s mission and is all that matters in the end.

    Heartfelt gratitude to my wife Neela, son Srikesh, and daughter Rishika for encouraging me to keep writing and stop terrifying them with my cyber paranoias.

    Security is a must have control.

    Protection is a must have had countermeasure.

    Table of Contents

    Preface

    Acknowledgments

    Navigating Through the Book

    The Digital Evolution

    Trust Models

    Tools and Methods

    Categorical Trust on the Road Ahead

    How Technology is Transforming Industries in the Digital Era

    IoT is a Constant

    Zero Trust

    Miles Per Cyberattack

    Rationalizing Trust in Cyberspace

    Cybersecurity Deja Vu

    Zero Trust is a Paradigm Shift

    Protecting Devices in Operational Technologies

    The C-Suite Guide to Device Modernization

    A Definitive Guide to OT/IoT Modernization

    Cyber Paralysis by Ransomware Stings

    Ransomware Attacks Becoming the New Normal

    The Big Zero

    The Supply Chain is Not a Trust Chain

    Ransomware is Cyber Warfare

    Protecting the Digital Planet

    Why Cybersecurity is Still Elusive

    Evolution of Things

    The Way Forward

    The Passage to Digital Transformation

    The Elixir of Things

    The Connected Cloud of Things

    The State of Digital Transformation and OT-IT Convergence

    The Building Blocks for Device Transformation

    When the Supply Chain Becomes the Kill Chain

    The Conundrums of Trust

    The Risk Model

    The Uphill Road to OT-IT Convergence

    Why Breaches Happen

    Signaling Integrity and Data Exchanges

    Runtime Operational Integrity

    The Status Quo

    The Epicenter of Cloud Computing

    Glossary

    Epilogue

    About the Author

    Preface

    The theory and practice of cybersecurity requires an intricate understanding of the cyber anatomy that includes machines, software, user psychology, hacker mentality, corporate policies and processes, interworking protocols, and the network fabric where the crown jewels of informational and operational systems reside.

    The Internet era enabled rapid globalization and created a worldwide market for products and services. Cyber is the fiber of global commerce. The Cyber era is on the cusp of opening up a global market for cybersecurity services in a wide array of industries from finance, healthcare, infrastructure, manufacturing, transportation, to customer devices and the Internet of Things (IoT). The tectonic plates for the services industry are shifting from network management to managed security services for business continuity in a compromised environment.

    From small, medium, and large enterprises to consumers, the FUD (Fear, Uncertainty and Doubt) factor weighs in heavily as cyber-enabled systems govern the daily regimen, from automobiles, smartphones, laptops, tablets, data centers, and manufacturing equipment to household appliances. The cybercrime syndicate has emerged as a formidable adversary and poses a serious challenge as critical digital assets and business processes are vulnerable to theft of intellectual property, invasion of privacy, and orchestrated subterfuge. Leveraging dual-purpose technology (such as encrypted communications and anonymization), a sophisticated arsenal of malware toolkits, and programming talent, hackers have succeeded in staging coordinated high profile attacks penetrating modern perimeter and endpoint defenses.

    Security cannot be an afterthought anymore as borders are history and threats are geographically ubiquitous. The battle lines have been drawn between the hackers and the tacklers, with a call for action and proportional response. Establishing trust and resiliency in the titanic vastness of cyberspace requires rethinking the security paradigm and continuous vigilance. Resilient defense against a powerful cybercrime syndicate requires a paradigm shift in enterprise risk management. This necessitates a holistic solution to aggregate 360-degree assessments and provide a structure and calculus to create a consolidated statement for real-time, actionable decision making and control. Establishing a synergy between policy, process, and technologies, to measure the runtime operational integrity of systems, requires a force multiplier that augments the human-in-the-loop with an automation based expert system for evidence analysis and incident response. Timely observations need instrumentation to correlate data and context for protection at the epicenter of data breaches – the soft core.

    In the theological realm, trust may be unconditional and based on implicit faith. However, in the cyber realm, distrust is implicit, and trust is always conditional and based on explicit verification. The influence of cyber on daily activities at work and home behooves a higher level of vigilance and savviness from netizens, and throughout the supply chain, in this cyber era.

    Even as the world economy has transitioned through a simple needs-based adaptation over the centuries from agricultural, industrial, and financial to a services economy, the interdependencies between people, process and machinery have remained intricate. The thin line between products and services is rapidly vanishing as advances in technology reduce the half-life of mainstream products and sustaining services grow into the qualitative differentiator. Threat intelligence provides a frictionless surface for cyber resilience, and an effective defense strategy requires a paradigm shift from a need-to-know to a need-to-share mindset.

    Cyberspace has the potential to challenge and influence the social and political order across the globe, as witnessed by polarized and uncivil national elections, the Arab spring in the Middle East, and the tea party movement in the United States. Wars that were historically fought with battalions of soldiers, guns and mortars are fought today with satellite technology, unmanned drones and precision guided missiles that cost billions of dollars. The future wars may be fought with a geo-distributed pack of hacktivists with a benign or malicious purpose, at a low cost of operation funded by nation states or syndicates, with a highly reduced risk of casualties, friendly fire, or collateral damage as in traditional wars. From ransomware for blackmail to stirring chaos amongst citizenry, advanced coordinated attacks on critical infrastructure to challenge the establishment, disruption of financial services, initiating political upheaval for ideological reforms, cyberspace provides opportunities for the motivated.

    There are no decisive or war-ending victories on the cyberspace battlefield. The cybercrime industry is omnipresent, outside and inside the perimeter defenses, and expansive. The return on investment in cybercrime is staggering. The first strike capability of an attacker to stage a preemptive attack and survive without any retaliation action poses an enormous risk and is a lucrative financial incentive. In the decades ahead, reconnaissance and data exfiltration techniques of unmanned and precision guided malware will pose a daunting challenge to the gate keepers of critical assets and intellectual property. The monetization of threat intelligence and post breach forensic investigations lures the security industry away from grass roots technology innovations to deal with the resilience of systems, rationality of processes and culpability of people. Advances in dual-use technologies have outpaced the evolution of trustworthy systems, processes, and users.

    Digital Transformation is the coming wave in globalization without borders. Much as the Internet, cloud, and smartphones have transformed economies worldwide, the emerging tsunami of devices in activities of daily living at home and work will bring forth amazing conveniences and tragic consequences. A zero trust model for digital (re)engineering requires collaboration, rather than competition, between silicon chip manufacturers, device manufacturers, operating systems, security protocols, application developers, cloud platform providers and cloud services. A solution architecture must be formulated working closely with the ecosystem of silicon chip manufacturers, device vendors, original equipment manufacturers (OEMs) and service providers. This effort must also factor in fit-and-finish for deployment and operations, dovetailing with time honored workflows, retrofitting legacy brownfield devices and manufacture at scale of greenfield devices.

    Cyber-security in information technology (IT) for defending development systems is bankrolled by cost center budgets. Cyber-protection in operational technology (OT) for digital transformation and categorical trust may be financed by profit center budgets, with investments in infrastructure modernization, to upgrade revenue generating (and aging) production systems. This is the transformative paradigm shift in device manufacturing and field operations workflows. Realizing the principle of categorical trust may not require expensive hardware upgrades to legacy devices and may be achievable through cost effective software or firmware enhancements, to extend the operational lifetime and efficiency of brownfield and greenfield devices in mission critical production environments. Retrofitting trust in the minefield of unprotected devices already in existence is essential for interoperability and integrity of long-lived inter-connected systems.

    The emergence of artificial intelligence (AI), machine learning (ML), neural networks, and deep learning (DL) is a leading indicator of the trajectory of things – our devices and data are no longer immune to unwarranted adversarial inspection. AI/ML/DL are poised to shift the balance of power amongst nations in the era of accelerated automation, digital intelligence, and data capitalism. In cyberspace, data intelligence is power and control. As algorithms and learning models begin to cultivate deep roots across cultural, social, psychological, and political divides, the veracity and value of data will become hypercritical. There are no boundaries on consciousness or intelligence engineered from data. A high degree of assurance about the authenticity of data and the protections on field programmable devices (the mind of the machine) that produce, consume, and share the data is of paramount importance to preserve the integrity of automated bottom-up learning models. As machine intelligence begins to edge out human intelligence in decision logic, data poses grave risks that can lead to poisoning decision logic with meta-conscious and conscious bias. Data will become an evolving life form, filtered through the lens of the beholder and reborn in the world of virtual or augmented reality. Weaponization of dual-use critical technologies is closer than it appears in the rear view mirror of the past and may become the history of the future. Even as humans are intensely machine learning, machines are reciprocally human learning.

    This book is my sincere effort to share and empower cybersecurity students, product security architects, and digital transformation practitioners everywhere to participate in this journey to define standards and specifications to achieve the objective of building trust in the wilderness of cyberspace. For technology workers, acquiring new technical skills and retraining will become necessary in the digital transformation era, as machines begin to replace humans with AI/ML/DL powered automation and the demand for smart devices in activities of daily living proliferates.

    Categorical trust in digitality is the nirvana of cyberspace for information technology (IT) and operational technology (OT) convergence from device manufacturing to provisioning, commissioning, and field operations in production environments.

    Acknowledgments

    Writing a book is a solitary experience until the first draft is ready. Finalizing the book for publication takes multiple revisions based on feedback and suggestions by professional reviewers to improve the presentation and appeal for a wider audience. When it comes to technology innovations in an emerging market, the subject matter is often deeply technical and requires wide angle perspectives to effectively convey the message. An important objective of the book was to promote constructive dialog and cognitive debates across industry sectors, silicon chipset and device vendors, application developers, cybersecurity architects, and students in multi-disciplinary studies because digitality casts a wide net.

    Shreya Uchil is a technical product manager with expertise in cyber protection for devices in the information and operational technology ecosystems. She is very knowledgeable in the workflows and functional use cases that drive decision making logic and strategies adopted by key stakeholders in the emerging converged IT-OT ecosystem. She has been an important sounding board for fresh perspectives and has been a huge help with her generous patience in rigorously proofreading and providing thoughtful feedback on the pragmatic and aesthetic content in the book.

    Mark Nixon is a renowned researcher, inventor of numerous patents, and author of several books in industrial automation and process control systems. He has been a valuable reviewer of the technical specifications and solution architectures for next generation endpoint security in operational technologies. He provided me with significant perspectives on the security and logistical challenges original equipment manufacturers face in industrial IoT environments. That helped me focus on and address industry specific challenges and solutions for brownfield and greenfield devices from the intellectual and economic viewpoints.

    Moenes Iskarous is an innovative and result-driven leader in the field of artificial intelligence and machine learning, inventor of several patents, and the author of numerous technical papers. He has decades of strong technical proficiency and proven success in developing business opportunities as well as growing and mentoring teams to deliver products based on cutting-edge hardware and software technologies. He has been an influencer across organizations driving product roadmaps and strategies for technical innovation in embedded edge intelligence applied to autonomous systems, computer vision applications, and robotics. His areas of expertise include explainable AI, augmented intelligence, and reinforcement learning. He serves on multiple advisory boards to develop embedded AI solutions as well as academic institutions to provide advice on developing AI and ML programs. His insights from the standpoint of silicon vendors and the criticality of trusted device intelligence and data streams to prime and fine tune AI, ML, and deep learning models helped me dwell extensively on the subject of data driven IoT.

    Ashwin Ambekar is a distinguished architect and subject matter expert in digital security. He is a skilled technologist with experience in innovation, creating highly scalable and secure products, and driving thought leadership. His focus areas include securing cloud and cloud-based services, middleware and protocol security, identity management, zero trust, and building compliance specific architectures. His in-depth expertise in application security by design, security protocols, identity and access management, and network based security has been valuable to assess the technical subject matter presented to readers.

    The opinions and thoughts
