Retrospection vs. Prediction

Click to download PDF
Many years ago, I was watching the movie “A Brief History in Time” featuring Steven Hawking. In one of the scenes, a pitcher fell on the floor and shattered in thousands of pieces. And then, the scene was reversed, with the pieces coming back together re-creating the pitcher. That image has remained in my mind to this day.

When we think about future occurrences, they are a culmination of past occurrences. When things fall apart, they were once together. When things come together, they were once apart.

So, why is this important? And why is this important in the determination of risk?

Most approaches to determining the root cause of tragedy, or the root cause of breach, are based on the following approach:

1. Come in, inspect the evidence, determine motivation and actors involved. (simplified version).

2. Paint the composite and leverage that as the source of defensible truth. This is how we as a society take on these tasks, with the end game of attribution and ideally

some sort of punishment.

The problem with that approach in a hyper-digital age is this:

1. Prior to any occurrence, the data points existed in advance. Every communication, every action, every available resource was all there in advance. We just aren’t good as humans at putting them together prior to an incident.

2. The retrospective approach, did not stop the incident from occurring. While beneficial to create attribution, and potentially for modeling future incidents From taking shape, it is still retrospective.

The reality is, cyber and most other types of risk can be examined in advance. Prior to the occurrence. The data already exists. The conditions for an incident are set from the moment an adversary joins an initiative. The wheels of risk are in motion, almost always to be told only after. We as a society can do better. We have the data, we have the intelligence, we have the technical means to see risk in a new light, one that accounts for every action preceding every action.

This likely sounds as though I’m about ready to discuss Artificial Intelligence. I am. But, I’ll save that topic, and inherent bias for the next post. Stay tuned!

LATEST POSTS

November 10, 2018

Cybercriminals Using AI to fuel Hacking

November 7, 2018

Why Cyber Risk Management is Not Working

November 5, 2018

The Other Half of the Equation