Editor’s note: Sun appeared on Cyberchat in his personal capacity. His opinions are his own and don’t represent the views of any federal agency or the views of the federal government.
Charles Sun, government executive and IPv6 expert appeared on Cyber Chat with host Sean Kelley to discuss infrastructure, IPv4 and the need for quicker adoption of IPv6.
“Infrastructure and cyber security are really hard [when] separate from each other,” Sun said. “The fact that the network and infrastructure logs do not report a data breach does not mean your network is secure. We are facing a challenge where networks are attacked on daily basis.
Sun said “these are attacks are happening all over the world,” on average more than six confirmed data breaches a day, more than 53,000 reported security incidents and breaches last year alone.
Sun said this is due to the fact that most network environments are in between two IP stacks.
“This is especially true in the private sector. From my perspective, this is a huge challenge that both public and private sectors really need a different approach to. Just because you haven’t found the logs or the alarms haven’t gone off, it doesn’t mean that you haven’t been breached,” Sun said.
Sun said security information and event management (SIEM) has not brought the abilities or the clarity it promised with log management.
“I don’t think that SIEMs have produced what everybody thought they were going to produce from a tool standpoint,” he said, because of the dependence on human intervention for success.
Sun said there needs to be new questions.
“What can we do differently? Can we bring a different perspective or opinion to address the issues? How do you reduce the overall attack vector or attack surfaces?” he asked.
In addition, Sun said eliminating IPv4 from the network would enhance security.
“By turning off that legacy IPv4, [we] will achieve a great reduction of all the attacks and the threats that are experienced today. The fact that currently we’re running dual stack mode of operations of both IPv4 and the IPv6 is a great vulnerability to the environment,” Sun said.
A monthly show featuring interviews with experts in IT and Information Security discussing the latest trends and hottest cyber topics and challenges impacting the federal community. Follow Sean on Twitter. Subscribe on Apple Podcasts or Podcast One.