Digitization is here to stay and we could either hide from it or embrace it, but as you remember from the times of old, sooner or later you would still be found. The embracement means that our processes with the assorted paper trail go digital. Here is the thing about digitization that few understands: The paper trail disappears. What´s on the computer is the truth as there is no proof otherwise anymore.
When everyone is thinking of all new ways we could use IOT, move our life into the devices and in general be more efficient in everything involving information it is my task to make sure that you all could do that and trust that the computer doesn’t say no.
The last number of years we have seen a very large increase in attacks, not only standard Trojan attacks but DDOS, attacks on IOT, attacks on industries, power grids and attacks on our political systems using computerized attacks. We have been trying to fend those of with traditional security but to no avail. We are lagging behind. It is time to start working differently with security and move far beyond the traditional setup.
Marching Toward Digital Trust
Security testing, secure coding, and surveillance, to name a few, will still be brick and mortar in the digital world but what we need is to implement functions to guarantee the integrity of the information and systems. Not only do we need to be sure that they are more or less non-hackable but even more do we need to have extensive logging of transactions that are built on non-repudiation, that are built on a guaranteed extensive identity management governed by a trusted party, that contains a trust in the full transaction, no matter the device or geographical placement of said device.
This is called Digital Trust. The security department will not be the ones providing only firewalls and secure testing anymore but the one helping you guarantee the trust in the systems, that provides all the help needed for your customers to feel that they could trust your company, that not only secures the systems but have the automated functionality to quickly identify and rectify an integrity error before this is even noticed by the users.
There will be errors, there will always be errors, there will always be attacks, some even successful, but it is the Digital Trust-department that should manage this by implementing integrity in all solutions, not only confidentiality and availability.
With digitization comes Digital Trust. Without Digital Trust digitization will fail.
Jesper Kråkhede is director of cyber security at Sogeti Sweden. Sogeti is a wholly owned subsidiary of Capgemini Group.
