In this world of constant interconnectedness, where almost everything is done via the internet, online security is paramount. And the fact that life runs mostly smoothly depends on how safe the whole system is, according to American cybersecurity guru Ira Winkler.
With more than 30 years of experience in cybersecurity, Winkler’s resume includes a term as chief security architect for American retail giant Walmart, a stint as a computer systems and intelligence analyst at the US Department of Defense, seven books on cybersecurity and intelligence, and numerous industry awards.
A shining star in the Israeli high-tech firmament, Winkler has recently joined local startup CYE (pronounced sigh) as its field chief information security officer and vice president.
CYE has produced a unique system of protecting companies from hackers and other nefarious intruders that it calls Hyver, and Winkler has been tasked with promoting it in the United States. It is clear that cybersecurity and data protection are his passion.
according to Cybersecurity Ventures, the cost of cybercrime worldwide will increase by 15% annually in the next five years, and by 2025 that cost will reach $10.5 trillion per year. If cybercrime were a country, it would have the world’s third-largest economy, after the US and China according to Cybersecurity Ventures. Furthermore, says American security company Norton, more than half of all consumers have experienced a cybercrime or some kind.
Cybersecurity 'embedded' in our lives
It is not surprising, therefore, that Winkler believes cybersecurity is “embedded” in our lives, facilitating almost every aspect of our day-to-day activities.
“What we are doing is allowing a lot of things to happen that people don't realize could not happen without embedded cybersecurity,” he told The Media Line.
“People think ‘cybersecurity’ and they hear about the hacks, they hear about the disasters, but they never hear about the daily successes that are critical,” he said.
Winkler draws a parallel between data protection and road safety, the latter he points out is – ironically – not something for which Israelis are known.
“It's like making sure there are lines on a highway when you drive your car,” he explained. “These little lines are what keep people generally safe. Cars go on one side in one direction and the other side in the other direction; they stay in their lanes.”
And just like driving, he expands, cybersecurity is only effective when the user is taking every personal measure possible to remain safe.
“How despite the fact that my car has safety features built in, despite the fact the road has safety features built in, how do I personally drive safely?” Winkler said.
“Much like I realize that the entire internet has some good security built in, how do I drive the internet safely – which includes taking maintenance of their computers, which also includes making sure they travel to safe areas,” he added.
A key part of this safe driving online is “how [people] protect their data, where they give out their data and so on – and that's a major factor that everybody needs to be aware of.”
He gives the example of people posting their photos from their vacation on social media, without realizing that they are also announcing to potential burglars that their house is presently empty.
When it comes to companies protecting their data, Winkler refers to Hyver’s more sophisticated and unique method of cybersecurity, which utilizes the experience of Israeli specialists who worked in this field for the Israel Defense Forces.
“Hyver helps map out all possible attack paths and – given the people and the skill that we have from the Israeli military – if there's a way in, in theory these people will find it,” he said.
What happens then, however, is what Winkler says makes Hyver one of a kind. Once those attack paths are mapped out, “using the tools [and] machine learning, we're able to figure out specifically where are the best places to put in protection, detection and reaction capabilities.”
Crucial to Hyver’s system, he explains, is the understanding that “you cannot protect everything equally.”
Referring to the 80s movie Stripes, Winkler says that it is a weaker layer of protection – in the film’s case a stick at a border – can work as a “basic precaution,” with the knowledge that the cyber equivalent of the movie’s “bunch of tanks” is waiting further down the attack pathway and around the more sensitive data.
“In cybersecurity you can put up a stick which doesn't do much, but I don't need that stick in place as long as I have four tanks down the road. In a very complicated network, you can put the equivalent of four tanks at a pivotal point, even though there might be other vulnerabilities that are trivial to exploit,” Winkler explained.
“It doesn't matter that they [the hackers] broke the stick, because there's four tanks waiting for them as they go by,” he said. “It doesn't matter if you can exploit a certain vulnerability as long as people don't get to the goal that they're trying to get to.”
Ultimately, he says, there is no system that offers 100% protection from hacking and infiltration attempts, and users must accept that as a fact of life.
“You're never going to be free from risk; no tool is ever going to be perfect, that's a given. Anybody who tells you otherwise is a fool, a liar or combination of both,” he concluded.