The Internet as it exists today is a patchwork of networks and protocols that has been built up over time with no provision built in for trust. It is prone to multiple points of failure, says Menny Barzilay, Chief Security Evangelist for digital security company Uniken.
"Things like SSL and certificate authorities that are the most common tools used on the Internet today to create trust are single points of failure - if SSL is broken or the certificate authority is hacked, trust is eroded," Barzilay says. "We need new models of security to address emerging issues."
If SSL goes, we need a plan B, he says, and innovation on the application level that provides a built-in mechanism for trust may resolve many of the issues we are facing today. With the Internet of things around the corner, devices being able to mutually establish trust may safeguard the Internet from many of IoT's perceived pitfalls.[See: IoT in India: Security Challenges]
In this exclusive Interview with Information Security Media Group, Barzilay shares background on the topic of his session delivered at RSA Conference Asia Pacific and Japan, in addition to speaking about:
- Addressing the fundamental issues around trust;
- The need for a change in thinking;
- The next big thing in security.
Barzilay is the chief cybersecurity evangelist for Uniken Inc. Prior to joining Uniken, he served as a CISO in the Israeli Defence Forces and head of the IT Audit department at Bank Hapoalim Group in Israel. As an evangelist, he meets and advises many startups and entrepreneurs from around the world. In addition, he is a panelist on several professional work groups worldwide and a regular speaker at cybersecurity conferences.