06 June 2016

Data Provenance: The Truth of Information...

Our ability to make trust decisions that we know are sound and effective, begins with the provenance of data.  When you trust the source of information that is being communicated, it makes all the difference in your final decision to trust.  Operational Risk Management (ORM) is quickly evolving to a next generation of truth.

What publications do you read?  Who wrote the article?  What is the authors reputation?  Is it a book on Amazon or a newsletter delivered via e-mail?  These are all questions you ask yourself as you absorb the content and process the information being conveyed and the evidence available to you.

What important truth do very few people agree with you on?

Most people think that traditional Risk Management is a sound process.  Risk Management Frameworks in a digital environment do not work and are soon to be extinct.  The truth is, human beings are incapable of effectively managing the "Zeros and Ones" with a simple "Likelihood vs. Impact" matrix.  The complexity and speed of change is just too great.

Why?  The answer is, that very few people really can even understand the fundamental engineering of the digital inventions we are operating or encountering each day.  How can you expect them to judge whether a digital asset is more likely or not, to encounter a serious integrity threat?  How can you really expect them to judge the origin value of the digital asset to themselves or others?

However, once you have closely studied and researched around a hypothesis long enough, some clarity and new truths are capable of being discovered.  This is when new discoveries are made and the opportunity for mankind to advance or decline takes place.  That is why humans have built other kinds of digital machines, to assist them in making these trust decisions to manage risk.

You see, when the dark side actions of the Internet started to become more of a reality (probe, scan, flood, authenticate, bypass, spoof, read, copy, steal, modify, delete) to most people using it, we invented new safeguard computing machines.  Some were called "Intrusion Detection Systems" (IDS) and others were called "Firewalls".  This was just the beginning.

Soon after the dawn of the 21st century, we began hearing the names of new digital software machines to battle viruses that were described using terms such as "Deep-Packet-Inspection" and digital forensics.

Now in 2016, we have Microsoft and Facebook engineering their own fiber-optic cable network to cross the ocean to deliver data at 160 terabits.  Why?
Facebook and Microsoft are laying a massive cable across the middle of the Atlantic.

Dubbed MAREA—Spanish for “tide”—this giant underwater cable will stretch from Virginia to Bilbao, Spain, shuttling digital data across 6,600 kilometers of ocean. Providing up to 160 terabits per second of bandwidth—about 16 million times the bandwidth of your home Internet connection—it will allow the two tech titans to more efficiently move enormous amounts of information between the many computer data centers and network hubs that underpin their popular online services.
 The decision to trust begins with the control end-to-end of the system.  How many hand-offs were there for the courier to carry the message from point A to point B along the path?  Who was in control of the path along the journey?  What assurance do you have that the message was not altered in it's content during the transit.  Now you are starting to get the big picture.

If your name is HP, or Cisco and many others in the telecom industry, your competition is not the normal hardware infrastructure companies anymore.  Soon corporate enterprises will be seeking specialized networks on a case-by-case basis, that are not controlled by Verizon, AT&T or BT.  It goes far beyond control of equipment and physical assets.

The "TrustDecisions" that you and your organizations encounter in the next decade may very well rely on a whole new set of rules.  The integrity of information will rely on a whole new set of networks and a whole new level of truth, on the provenance of data.

No comments:

Post a Comment