What is the Value of Purpose-Built Digital Security? 

Board Members, CEOs and Sovereigns, Please Beware,

Your Digital Liabilities are a Scare

 

There is a moment in the film “Titanic”, when the naval architect makes the very cold assessment that, “It is a mathematical certainty that the ship is sinking.”  Sparing the math, he knew a dirty little secret.  Being responsive to his employer’s demands for “open architecture”, convenience, features, dare say, commercial competition, it was never designed to be secure.  Marketing said it was “unsinkable”, not engineering.  Customers boarded because it was so impressively large.  Select elite anticipated an historic, luxurious crossing.  Size and extravagant decorous detail created a farcical deception. 

 

Late one evening in mid-April 1912, set on a seasonally risky, northerly rum line course, anticipated to achieve a record Trans-Atlantic crossing, all were aboard with expectations and hubris.  What could possibly go wrong?  Massive momentum reduces response time and creates a lack of maneuverability.  Deep dark cold ocean waters burst through multiple sections, scored by an even more dense mass of immovable ice that demonstrated tremendously powerful, fatal pressure.  All those collapsed compartments lacked the design, build or operational capacity required to separate and isolate the damage.  Had they, it would have, at the least, bought more precious time.  Steel bulkheads, which separated each of the compartments, vertically, were not enclosed at the upper levels, a critical design and construction flaw. More insidious, a culture of complacency discouraged securing bulkhead hatches at all levels of the ship, for the convenience of passengers, an operational hazard.  Water flowed from each of the flooded sections, if not through multiple open hatches, surely up and over the bulkhead, down into the next, in a cascading certainty of sinkage.  This paragraph is to say, your digital architecture is built in the exact same way.

 

Communications networks are analogous to the architectures of very large ships, or perhaps simplified, to those of seven-story buildings, like the seven layers of the communications stack.  CTO’s and CISO’s are given a fundamentally impossible task of securing these networks with competing demands that require delivery of features to customers, all while putting an increasingly large and valuable treasure-trove of digital assets into the pilot houses of these ships, or penthouses of the buildings.  They do so, stoically, knowing structural flaws exist at the third and fourth decks, where the Operating Systems (OS) control machines belonging to shareholders and citizens.  They do so while battling attackers, stowaway saboteurs who board the ship prior to departure and transform to imposter crew members who foul bilge pumps and jam hatches open. And, some CISO’s feign to secure networks, cynically, at great profit, finding virtue in communicating a “commercially acceptable level of risk” to board members, while participating in a wealthy cyber security ecosystem.  All the while, nothing in the world of legacy commercial digital architectures connected to the wild is secure; not our leading banks, telcos, managed cloud services or infrastructure. Nothing. 

​

Outsourcing your architecture or operations, your applications, data, security, analytics or insights to someone else’s OS driven ecosystem or public cloud does nothing to actually secure your corporate, government or sovereign crown jewels.  Nothing; other than perhaps create the exceptionally false impression that you have outsourced the associated responsibility or liability.  But wait, we are spending collectively hundreds of billions annually on layer seven application software to patch the hull of the ship. Right?  Tragically true and woefully wrong.  You cannot retrofit a ship or a building by decorating the pilothouse or the penthouse. 

 

Shipwrights and forth rights agree that the risk of catastrophic failures within our digital infrastructure are both near and present dangers.  Our systems are failing.  No need to wait for AI driven cyber-attacks and quantum computing that accrue further asymmetric advantages to the attackers.  The networks are already overburdened with accelerating pressures on a flawed structure.  iOS, Android, Linux, QNX, and Windows and every commercial OS in existence had the same design mandates as the Titanic.  They are big and beautiful in their own rights.  However, none of these was designed to be secure and the NSA says explicitly that, “they never will be.”  This two, was proven in math. QED.

​

What is the solution?  A purpose-built secure naval architecture: a compartmentalized mini-submarine was designed by a beautiful mind to defend against the sophistication and resources of nation state attackers.  An architecture tested in the world’s most important and sensitive military assets for decades, is now available for commercial usage, among Western allies exclusively, to retrofit known structural flaws in our communications networks.  The only NSA rated “secure” OS in existence is at the core of our Security as a Service digital security solution for sovereigns, governments, and leading corporations.

 

Rod Teeple

Managing Member