By detecting anomalies in real time, your software allows companies to respond flexibly?
Yes. For many customers, before they had our system, it would take them forever to learn of an attack, then they had to go figure out what happened, how, and when. Worse yet, they would then go to their development team and say, “Hey, we have to fix this page so that people can’t hit it a hundred thousand times per minute.” And the development team would say, “We know how to do this,” but it would be weeks or months until they could get it live. What we can help them do is send triggers to other systems, like a firewall, and say on the next request, “block this traffic.” Our customers can put rules in place that take these actions and test it in maybe a few hours. We’ve done it in 15 minutes in an emergency case.
In a video I saw, you claimed that Silver Tail could stop WikiLeaks-type disclosures. There are times when information is legitimately leaked from within the government because the public has the right to know. Do you ever think about how your technology could be used to eliminate whistleblowing?
My goal has always been to add integrity to the Internet, but if my software keeps the good guys from getting to information that is being inappropriately hidden, that’s a catch-22, right?
I’m definitely not advocating that people expose everything they think the public needs to know. The answer is likely that the owners of the Web site should have the ability to decide what goes out and what doesn’t. I understand that isn’t ideal since it’s the owners of the Web sites that would likely want to protect the information. It’s possible that this is one of those cases where there is some impact on the minority for the greater good of the majority. I would postulate that protecting data is more important than making sure the small amount of data that should be exposed is available.
During the next five to 10 years, what do you see as the future of cybersecurity? What new threat vectors are evolving, or at least can be predicted, that cybersecurity companies like Silver Trail will need to develop remedies against?
I’m beginning to think the problem isn’t that we aren’t doing a good enough job anticipating what is coming. I think the problem is that we focus too much on what is going to be the next threat. There are so many threats that arise that were unexpected, I think the better way to look at threats is to acknowledge you don’t know what’s coming. Once you admit that, you craft your strategy around identifying the new threat as soon as it emerges. This seems to be the most economical way of addressing threats. Instead of spending money and resources fixing things that haven’t been attacked, only fix the things that have been attacked. Our system, for example, is all about letting people move quicker and give them the confidence that if they are attacked, they will be notified quickly and can respond quickly.
With your background, what vulnerabilities worry you the most about the cyber-realm?
There is definitely the possibility of a catastrophic event on the Internet. The main thing that has prevented that in the past is the fact that most of the people who would like to cause the problems that would occur by taking down the Internet also rely on the Internet, so it would hurt the attacker as much as the victim. Given that the Internet was developed for purposes very different from what it is used for today, there needs to be a major rearchitecting of the Internet. It seems that a bit of planned disruption now might be better than unplanned disruption later if the criminals decide they want to completely disrupt the system.