To me, security has always been a fascinating topic. In recent years, cybersecurity has come to the forefront of public attention via the initiatives and policies set up by states and local governments as they aim to strengthen our critical infrastructure against threats that harm the normal functioning of society.
Since the invention of the modern computer, it’s no secret that the advancement of technology has become a vital discipline in the development of society, one that permeates all aspects of the way we live - from education to healthcare, transportation to entertainment, and from national defense to mobility. These days, practically everything we do, from the way we give up personal information when making our financial transactions, to the data produced by measuring our vital signs when using wearables, is based on, and stored by, the technology we have invented.
And just as we have been moving with increasing speed towards technologies that in previous years would have been considered pure science fiction, we have naturally adopted the help of virtual assistants like Alexa and Siri, embraced online grocery shopping and remote work en masse in the wake of Covid-19, and have begun to take serious steps towards engineering truly autonomous vehicles, dreaming of that moment when we no longer have to suffer from the stress caused by sitting in traffic jams during peak hours.
That same evolution - although perhaps not so natural and sometimes rather turbulent - has been occurring in the cybersecurity industry for the last 20 years, through cycles in which we have viewed our relationship with technology in three fundamental dimensions: endpoints, threats and controls.
Early 2000s: The Era of PCs and Basic Malware
Let’s go back to the beginning of the millennium, to a time when our definition of endpoints was limited to just servers and workstations – the good old-fashioned desktop or PC-based systems. In terms of protection against the threats of that time, the endpoint security suites that existed back then were focused on offering a basic antivirus and a set of manual utilities for system maintenance tasks, given that the most popular threats at the beginning of the decade were simple viruses like ILOVEYOU. These soon spawned more advanced threats like CodeRed, Nimda, SQL Slammer, and the advent of RATs and Rootkits that corresponded to the emergence of what is known as Defense in Depth.
A term some people attribute to the NSA, Defense in Depth or “layered security,” served as a new way to cope with the technological ravages caused by more advanced threats by focusing on multiple layers of controls in order to safeguard networks from the exploitation of vulnerabilities or the automatic execution of malware. And that malware had evolved to no longer simply be a nuisance, but had become something much more devastating to both businesses and governments - hence the adoption of Firewalls, Proxies, Host and Network Intrusion Prevention Systems, and vulnerability scanners.
Today, having a many-layered security ecosystem is the norm for a more complex and interconnected infrastructure that no longer just includes workstations and servers, but now incorporates the use of smartphones for corporate use. BYOD, along with a greater modernization of critical infrastructure through the incorporation of SCADA systems and other embedded applications, is one of the more prevalent trends of recent years. It is at this point that we saw the advent of significantly advanced Trojan malware platforms like Zeus.
2008 and Beyond: Virtualization and the Cloud Take Off
Around 2008, a new phase began with the adoption of an innovative technology that would later become the fundamental basis of many of the changes that we appreciate today in technology: virtualization. With the creation of private cloud infrastructures and the consequent application of these approaches to what we know today as virtual desktop infrastructure, or VDIs, we realized a level of flexibility by adapting our endpoints to an infinite list of use cases, with the added bonus of a substantial reduction of the physical equipment necessary to meet the demands of business processes.
This also enabled the development of the public cloud, and with it, the agile development of what we know today as cloud computing, bringing about the advent of things like social networks, smarter and more powerful smartphone apps, and the unprecedented generation of mass-data aggregated by an exploding myriad of Big Data platforms.
During this time we also witnessed the dawn of more sophisticated threats such as Conficker, Stuxnet, Duqu, and Koobface among many others, which operated by taking advantage of the added complexity in information technologies and their application and integration into all aspects of businesses’ and users’ digital lives.
Introducing The Internet of Things
With the further consolidation of public cloud computing and the democratization of Internet connectivity in societies, amplified by technologies such as 4G, we entered a new stage in which Software-as-a-Service (SaaS) became the norm, reducing the computational costs and allowing us to experiment with new technologies based on advances in artificial intelligence (AI) and machine learning (ML).
Today it is not uncommon to use their results on a daily basis when we perform online searches, interact with our virtual assistant, or use apps on our smartphones to automate almost any daily task we perform at work or at home. This generalization in the adoption of advanced technologies, and at the same time the enhancements in mobile endpoints with a computational capacity far superior to previous years, combined to create the exponential increase in complex applications of the Internet of Things (IoT).
Obviously, these advances and optimizations came with a consequence: a new, expanded attack surface leveraged by cybercriminals to implement novel ways to interrupt the proper functioning of infrastructures. We have witnessed security camera botnets used for distributed denial-of-service (DDoS) attacks with sufficient power to knock ISPs offline in the United States, as well as multiple proof-of-concept (PoC) attacks that could affect autonomous vehicle technology, and the now-ubiquitous Ransomware-as-a-Service (RaaS) platforms halting operations in healthcare organizations and putting patients' lives quite literally at risk – a sobering thought in times such as these.
Enter Unified Endpoint Management
The expansion of what we consider to be an endpoint has incorporated the whole concept of OT networks and, in a broader sense, IoT, and with it the need to have an umbrella under which we can manage this growing list of components in constant motion. Thus the concept of Unified Endpoint Management (UEM) enters as an evolution of the well-known Mobile Device Management platforms to address this need. Indeed, analyst firms such as Gartner recently initiated the first Magic Quadrant for this exciting new segment.
This new sector was defined as products capable of combining the administration of multiple types of endpoints in a unified console for configuration, administration, and monitoring, covering not only mobile devices running iOS and Android, but also more traditional operating systems like Windows 10 and macOS, and expanding towards IoT and wearables such as the Apple Watch.
UEM also acts as a coordination point to organize the activities of endpoint technologies such as identity services, security infrastructure and data protection. Gartner expects wearables and IoT management to become more central to this market as well, and the concept of Unified Endpoint Security (UES) is already being discussed as the evolution of the Endpoint Protection Suites segment in the search for omnipresent security in the enterprise.
BlackBerry has been at the edge of technological innovation for endpoint management for 35 years, and with their recent acquisition and integration of Cylance for the application of artificial intelligence and machine learning, the company remains ahead of the industry trend as pioneers in the consolidation of endpoint security technologies.
This combined capability allows us to bring the best of both companies to offer our customers Unified Endpoint Security with the introduction of BlackBerry Spark, an innovative new platform for Endpoint Protection, Endpoint Detection and Response (EPP and EDR) and Mobile Threat Defense (MTD).