Unsolvable Security Problems

While the world’s greatest minds (and high below-average minds) have found amazing answers towards some of the world’s great philosophical questions of life, the universe, and beyond, I think there are still really important unsolved scientific problems that we need to deal with in our daily lives, like security.

Yes, it’s an important scientific problem to solve! I get it that it’s not up there with “are we in a holographic universe like the Matrix?” (science says probably not) and “are we alone in the Universe?” (science says yes but only because all those other civilizations out there don’t like us). But security still has some pretty important scientific problems to solve. And they affect us right here right now. Starting with:

  •  What is security?
  •  How do I make it?
  •  How do I know how much I have?

The security industry has not been able to really agree on an answer to this. Imagine if the plumbing industry couldn’t come to an agreement on what is plumbing. So yes, it’s a problem. And we have a lot of ideas but no proven answers, if there can even be one.

And that’s just the first unsolved problem in security. There’s so many more like:

  •  Is making something harder to do make it more secure?
  •  Does the size of the attack surface affect the overall security?
  •  Does intent affect security?
  •  Can resilience (resisting until failing safely) and continuity exist in the same control set at the same time?
  •  Does defense in depth (stacked or layered defenses) improve security or just reduce the range of assets available in a successful attack?
  •  Does defense in width (broadened control coverage) improve security or just reduce the types of successful attacks?
  •  Does cyberhygiene improve (Read more...)

*** This is a Security Bloggers Network syndicated blog from Cylance Blog authored by Cylance Blog. Read the original post at: https://threatmatrix.cylance.com/en_us/home/unsolvable-security-problems.html