Explore our blog for impactful resources, insightful articles, personal reflections and ideas that inspire action on the topics you care about.
One Kosmos Identifier newsletter graphic

The Consequences of a Wrong Diagnosis

October 2019 by 1Kosmos Editor
doctor with stethoscope icon

George Washington was a healthy 67-year old man when he mounted his horse the morning of December 12, 1799. As was his practice, he set out to inspect Mount Vernon’s activities as the light snow turned to rain. After returning home in the late afternoon, a now cold and wet Washington began to feel poorly and complained of a sore throat. Over the next 48 hours, three physicians were called and all three, based on faulty diagnoses, bled the weakened Washington of more than two pints of blood believing the source of his ailment was “unbalanced humours.”

The now lethally anemic and dehydrated first President of the United States, his body crippled by a misdiagnosis and its associated misguided treatment, died late in the evening of December 14 of a sore throat.

The morale of the story? Getting the diagnosis wrong can have disastrous consequences. 

What does this mean for those of us entrusted with securing our organization’s IT assets and  information? It means that if we do not accurately define the source and pathology of the agents that threaten to infect our systems, our efforts to combat them are doomed to fail.

To help us arrive at an accurate diagnosis, consider the pathology of some of history’s notable security failures: Target, Marriott and Yahoo.

Much has been written about each so, for the sake of brevity, we will forego a detailed examination here. But the common feature in each of these massive breaches was not so much a failure of technology as much as a failure of theory. The threat actors did not overcome the security technology. They took advantage of a fundamental philosophical flaw in how these systems were designed. Specifically, the attackers took advantage of these systems’ presupposition that users who authenticate with the network’s perimeter defense be extended trust and granted access to the applications and data inside that perimeter.

The problem in each of these cases was not that the technology did too little. The problem was the systems were designed to trust too much.

We trust because we are trying to balance the need to secure our networks while also trying to provide reliable, convenient access. One of the experiences that all IT executives share is the fiery middle-of-the-night call or text from an angry CEO blaming us for their inability to login from a remote location … on a personal device.

Up to the recent past, we seemed to be facing a no-win trade-off between security and convenience that would curse us no matter what we did to try to achieve a balance.

What we needed was a third option. That is what we were given with the Zero Trust concept. [You can watch a primer on the Zero Trust concept from the Forrester analyst who conceived the concept.] Where our classic approach to securing our networks started on the outside and worked its way in, Zero Trust requires that we start on the inside and work outward. We do so  in close cooperation with representatives from throughout the organization to ensure permission and access are granted and monitored thoughtfully and vigilantly.

Up to the recent past, architecting and deploying an identity and access management system of this level of complexity would have been prohibitive from a user experience perspective. Think of requiring your users to endure of cyber equivalent of Maxwell Smart’s entrance into the spy headquarters in the 1960’s American television show Get Smart. Clever for a show introduction but a non-starter for hundreds or thousands of corporate users trying to check their email.

BlockID by 1Kosmos is a technology that can help you effectively and efficiently implement a Zero Trust-based network. The BlockID mobile app leverages the capabilities of users’ smart devices to make available a wide range of authentication features including fingerprint, voice and facial recognition. The result is a verification system that is both easy to use and that eliminates the opportunity for fraudulent use.

Take the Target breach for example. Investigators discovered that the attacker gained access to Target’s network by using the login credentials of an employee from a third-party vendor. BlockID by 1Kosmos eliminates these types of attacks because it requires that the user’s physical identity be verified as part of authentication.

If you have reached the diagnosis that trust is the illness that ails your security architecture, consider BlockID by 1Kosmos as a part of your Zero Trust treatment plan. Watch this video to learn more.

Editorial questions, comments or suggestions?

Contact the 1Kosmos Editor

Learn more about 1Kosmos BlockID solutions?

Contact the1Kosmos Sales Team