The Bace Cybersecurity Institute takes a research-led approach to technical innovation. Only when we truly understand a problem can we begin to take steps to solve it. Our belief is that products and services born of solid research and understanding are fundamentally important to building a more secure world.
The first step to improving a system is to be able to measure the behavior and efficiency of the system.
Today, we are on an endless hamster wheel, developing, funding, and executing strategies to achieve industry-standard metrics. Yet, whether the metric is achieved, we continue to see undesirable symptoms - data breaches are on the rise, cybersecurity costs more every year, and customers have thrown up their hands and accepted that exposure of their personal information is the new normal. At BCI, we believe the reason for all of this is that we are working to achieve the wrong metrics. It is our goal to establish a new system of measurement - one that will guide organizations to adopt effective and robust cybersecurity programs that offer a more secure environment.
Most information systems today are designed on a single pipeline of trust. This means that any single vulnerability within the pipeline will allow a successful attack or denial of service. In addition, these pipelines have become increasingly complex as additional technologies are layered together - it is now almost impossible to analyze or test all components of a system. Adding redundancy through backups and high-availability fail-overs does not address the underlying problem. We need new questions, techniques, and methodologies to break these vulnerability cascades.
BCI is working with customers to understand their current information systems, trust pipelines, and resiliency techniques to help create systems that can be used today, in a modern network, to increase the robustness of information systems.