There will always be different opinions on how to best combat emerging threats.
As the move towards biometrics continues, MSPs need to step up and be the guardians of the galaxy. To fully secure their customers’ future network security needs, MSPs need to keep an eye on evolving technology, so they can be ready to secure it.
SmarterMSP caught up with Adam Pantanowitz, a lecturer at the University of the Witwatersrand and Sigularity University, who has done some ground-breaking work in the area of biometrics and security. Groundbreaking cybersecurity work is happening in South African labs, and universities and Pantanowitz is at the forefront. He has developed such innovations as an eye-controlled wheelchair, a non-cognitive brain transmission channel that uses light, and a thought-controlled robotic arm. Some of his other collaborative innovations include a hands-free controlled surgery interaction system, CPR monitoring system, and a computer-based sign language interpreter. This week, we look into the future by talking to Pantantowitz about some of his research and its cybersecurity implications for MSPs.
Our conversation with Adam Pantanowitz
SMARTERMSP: You’ve invented many items that operate via brain transmission. Do these provide more protection from hackers than traditional password-based devices?
AP: In the proof-of-concept devices we’ve created so far, we are generally leveraging existing technologies for various components of the systems. Therefore, vulnerabilities exist at various links in the chain of systems. Part of my intention in creating these systems is to raise awareness of the vulnerabilities that are present in the existing cybersecurity landscape (and more generally, get us asking questions about the future!) and to bring up conversations about if the systems we are using are appropriate for these types of biological signals and data.
SMARTERMSP: Are there components of these systems which would be more difficult to intercept?
AP: There are also certain components of these systems which would be harder to intercept — for example, using light to propagate information. Systems like the ones we work on can be greatly beneficial to society, but we need to ensure that we consider these factors ahead of the adoption curve and consciously choose our trajectory. I also predict that there may be biometric potential for brain signatures, but that it isn’t practical enough to consider, as the technology is confined mostly to medical sciences.
SMARTERMSP: How do you provide security to some of your IoT inventions that work by eye-control or brain transmission?
AP: These systems, being proof of concept innovations, are generally operated in controlled conditions. One of our highest priorities is in considering safety for the user (so we use electrical isolation, etc).
In some projects, like “brainternet,” we are explicitly aware that we are sharing the generated biological information publicly (as the project is to open-source our EEG signals). In other projects, such as when controlling machinery, we either use these in closed networks, or we use standard security practices.
As technology becomes more complex, it will be important to focus on the #security and safety of users. #IoT #Biometrics
However, these systems are in controlled, low consequence environments. The risks for these systems out in industry and society are real, so we need great consideration of how to secure and protect these IoT devices. As we move from separation from technology to greater integration, it will be more and more important to tackle these aspects of security and safety. We are moving from a time of robotics being isolated in factories to being collaborative, not only in factories, but in our daily lives. There is no doubt that the present trend is moving to being more physically and mentally connected and integrated with technology.
SMARTERMSP: What are some of the security risks with these types of inventions?
AP: The risks I believe are quite real in five areas of concern going into the future:
- Misuse of information
- Data integrity being compromised
- Compromising access control
- Inappropriate access/control over devices interfacing with the body
SMARTERMSP: How concerned are you about biometric security breach potential?
AP: These are concerning areas because each has major implications for systems that we are in direct contact with and systems external to us (such as those with access control).
However, while the described systems are being developed, we have other technologies gaining traction, which may help to mitigate some of these risks — provided convergence of these technologies happens in enough time. Some appropriate tools may include:
- Decentralized data storage and fragmentation
- Contained light based networks
- Dedicated communication channels for specific functions
- Quantum communication channels
All these technologies need field testing and adoption. Better security may come at the convergence of some of these.
SMARTERMSP: MSPs are overseeing security in workplaces where they are providing patching, firewalls, and sandboxing protections. How do these cognitive devices change the security equation for an MSP or CISO?
AP: Should these types of devices come to fruition and find their way into our day-to-day lives in the future, I think the concern will potentially exist in contexts that are not limited to just the workplace.
However, if the devices are used primarily in the context of work, they may fall into the scope of an MSP to consider security for these integrated human devices and their associated interactions. Should there be biometric benefit from the devices, they may help enhance access control security postures. If they become augmentative devices, we have to consider them as part of the scope of our network (unless our infrastructure changes), and thus consider all of the relevant nuances that come along with that. My outlook is that we need to rethink our carrying biometric data over existing network infrastructures. We have seen a similar conundrum with the personal smartphone in the workplace — it’s a very complex challenge that has a variety of solutions, from policy to practice.
SMARTERMSP: Do you think the medical future is moving towards devices like the ones you have invented, hands-free and controlled with thoughts or eye motion?
#Biometrics has great applicability in many domains and the potential to greatly influence our daily lives.
AP: Medically, I think that wearable devices are going to play a much greater role, specifically in diagnostic medicine, where patients can gain movement freedom, no longer confined to monitoring in a hospital bed. Furthermore, the ability for practitioners to free up their hands makes a lot of sense, and these technologies can impact patient and operator safety, sterility, and a variety of other domains in healthcare. I also believe that breaking out of the medical context makes for some exciting potential innovations. Though the work we are doing is medically motivated, it has great applicability in many domains and the potential to greatly influence our daily lives.
I certainly think that the field of human-computer Interactions has great room to expand, largely driven by economic forces. Should the costs make sense and devices find practical ways to integrate into our technology, we will see those devices moving in that direction. I personally believe that humans are going to be integrated with computers directly, through our neurology, for augmented functionality. I predict that there are even more exciting changes on the horizon in how we interact with machines.
Photo: Vlasov Yevhenii / Shutterstock