To move forward with cybersecurity we must 'battle our own complexity' says Darktrace founder

'There's an awful lot of hype out there'

To move forward with cybersecurity in an increasingly hostile landscape, we must "battle our own complexity", Darktrace co-founder and director of technology Dave Palmer has said.

Speaking at Computing's Enterprise Security & Risk Management Summit in London today, Palmer said:

"I feel very strongly that while we hear all the time that attackers are motivated and innovative and I guess we can take that as read, fundamentally these days [attackers] just have a lot of places to attack.

"And our customers, employees and board members all want the latest technologies and the opportiunties that come with it, and yet most of us are also facing significant inertia - old stuff, legacy that needs to be maintained and protected. Making that even more challenging is that computerised defences are typically very specific. We have to tell them exactly what to do, and exacrty what to stop."

Palmer explained how this produces "an enormous expectation" on existing defensive teams.

"We expect them to internalise the complexity of everyone and every thing inside our digital businesses.

"We ask them to imagine all future risks, and future possible attacks, and then implement future possible attacks and then implement protections while trying to balance that with business operations."

When you put all that together, said Palmer, "it's unsurprising that it's impossible to get that right 100 per cent of the time in all the different businesses in our economy."

Palmer said he believes that "battling our own complexity" is the key.

"I dont't believe there is any meaningful narrative around battling attackers," he said.

"We can't influence attackers, but we can start dealing with our own complexity and having a better grip of what's going on there.

Palmer said that with IoT there's "an awful lot of hype out there" but "when you get to the underlying sciences, they're just fundamentally new ways of handling the complexity".

"And if complexity is a real problem for us, then having new techniques to be able to deal with them is extrmelt useful."

"No single algorithm"

However, Palmer warned delegates to be aware of catch-all solutions in the marketplace.

"There is no single algorithm out there - AI or otherwise - that is capable of dealing with all the complexity of people and devices in the digital world," he said.

"If someone is trying to sell you a particular one algorithm, then I would definitely suggest trying that out and seeing what its limits are.

"The reality is you have to use all sorts of mathematical techniques to represent things as simple as a thermostats or a smart TV in a meeting room, particulalty for your CEO or salesforce as they move around the world. We use dozens actually. We use many dozens of layers of machine learning and probability theory."