VIEW 13
The evolutionary arms race
Cyberspace is a Darwinian space. Just as with lions and wildebeests on the Serengeti plains, or taxpayers and taxmen, hackers and technology companies are in an evolutionary arms race. Each side develops in response to changes in the other. The predator develops better attack methods which leads to improved defences from the prey; the two locked in a dynamic equilibrium that may swing to favour one side temporarily before reverting to the mean.
FAANGs ain't what they used to be
The internet is fundamental to the business model of most tech companies. It represents a commons that must be safeguarded from evil doers. Consider these five companies: Facebook, Amazon, Apple, Netflix and Google. Collectively known as FAANG stocks, they make up 13% of total capitalisation of the US stock market (5). All rely on the internet being regarded as a trusted and safe domain within which to conduct transactions. So, whilst governments may have concerns over cyber warfare, and regulators drive compliance through the threat of fines, it is actually the private sector - the tech companies like FAANGs and smaller cyber vendors - that are the main driving force behind the evolution of cyber defences.
Technological innovation has resulted in significant improvements in cyber defence mechanisms in recent times. Common attack vectors are being stymied by defensive counter plays. Where consumers once used the same ‘easy to guess’ password for all logins, password managers are now built into most internet browsers. These automatically suggest strong randomised passwords to users, storing them securely so there is no need to commit them to memory. Likewise, ‘two factor authentication’ based either on a mobile phone number or on biometrics like fingerprint and face recognition have added an extra layer of security to the process of identity verification.
Secret SaaS?
Ransomware attacks, which lock up access to data until a ransom is paid, have made the case for cloud computing more compelling. If your accounting or client account management systems are provided by a cloud based third party like Salesforce or Xero, they are no longer sitting on a vulnerable local server in the office. Software as a service (SaaS) moves the data further away from the attacker, reducing the leverage of ransomware.
The most interesting recent development in the evolutionary arms race is the ‘disposable’ credit card offered by Fintech companies such as Final Inc. If you are concerned about making a particular online purchase, why not use a disposable, ‘one-off’ credit card. A new credit card number can be generated in seconds which is specific to that transaction and will be deleted after use. This is a powerful solution to the problem of credit card theft.
