Dear Cyber Security Friends,
I am not sure if you are all familiar with or have heard of the US National Vulnerability Database: https://nvd.nist.gov/
The National Vulnerability Database (NVD) is a government repository of standards-based vulnerability information. These are published as Common Vulnerabilities and Exposures (CVEs).
I often work with various government agencies, and the NVD is a key resource that NIST provides not only to the US Government for security management & compliance; the private sector can use this repository as well.
You may ask: why is this a “frightening pulse” on cyber security, Kyle?
The database is a fantastic tool; however, it is also very telling of the “real” cyber threat and fight we are collectively up against.
A few key facts:
- Since the NVD was created (1997), there have been 76,000 CVEs posted – yes, 76 thousand plus Common Vulnerabilities and Exposures.
- Last year there were 7,029 posted CVEs – in a year.
- This year to date, over 1,773 published CVEs and counting.
This in my opinion raises a critical question: when will the NVD stop increasing?
With the increased focus on IoT and the pressure to bring innovation to market, I see the NVD exponentially increasing, which is frightening to me and may require this database to incorporate an additional risk metric: risk to human life.
CVEs in innovative technology disciplines like BioTech, IoT, etc. will no longer be “just” a risk to a corporation from a fiscal, digital asset, or intellectual property perspective. The risk will incorporate human life casualties: employees, customers, or innocent humans impacted by an event that could be catastrophic in nature.
What can “we” do to stop it? The more we place passionate humans in cyber security positions, the more we start to raise the collective conscience and awareness of how critically important it is to secure any product and/or service from the beginning – inception. Security built in, as opposed to security being bolted on, will allow us as a carbon-based life form to embrace innovation and truly impact the human condition beyond “anything” we could have imagined.
A scenario for you: BioTech & Nano Technology
Right now, in theory, there are discussions of utilizing Nano Technology: mini-robots injected into the human body to allow doctors the ability to diagnose, combat, cure, and eradicate disease at the “molecular” level. This would give rise to the opportunity to have Nano bots inside our bodies that investigate each cell to determine if the cell is “healthy”; if not, it would then fix the unhealthy aspects of the cell.
Pros – curing and eradicating diseases like cancer
Cons – the ability to create a human virus at a molecular level that could eradicate / kill based on a single genome / chromosome / trait.
I have often said: cyber security goes beyond the firewall, beyond financial transactions, beyond compliance adherence. Cyber security truly can be mapped to protecting humans and our way of life.