The idea of property and a neighbor is easy.
The idea of digital and cyber and a neighbor is hard.
The first set is visible. The second is invisible. One exists in real space. One is ethereal.
Property - it’s houses, cars, trucks, machines, buildings, businesses, infrastructure, products, and more. Real things with real people and real-world locations - a very physical world with names, addresses, and contact information. Things you can see. Things you can touch. Very relatable parts of any real neighborhood things. (Save intellectual property for another time).
Digital and cyber are not that. They exist in an e-world where everything is e-real.
Every memory storage location and every processing chip can be thought of as having their own names, addresses, and contact information, but only in an e-real way. On the internet, there are IP addresses. The physical device could literally be anywhere, but in compute logic, it’s all just a bunch of slashes and dots away from any other device any-e-where as one address can route and link to others.
A home or building sits on land or a lot all uniquely assigned mutually exclusive coordinates. Data scattered among redundant arrays of independent disks do have their own addresses with 1’s and 0’s, but these can be overwritten or even erased as well as copied and stored in multiple places which may move around. Similarly other storage mechanisms, including cloud storage, are also in play. Everywhere your data move may be considered another neighborhood, and if their prior instance is not scrubbed, that ghost trace is a latent neighbor that you didn’t know you didn’t know about.
These addressable endpoints also include situational features - like operating system, software version, patch sequence, and other options that reflect what is going on at each endpoint. As with an open window on a rainy day, you would have wanted it closed if you knew what was going to come through it. The stakes are higher when an interloper is looking for open doors and windows, or as digital/cyber relates, ports and vulnerabilities.
Just as a house has doors and windows that can be locked or left open, each digital address (IP address) has services and software that can be secured or exposed. But even locked doors can have weak locks or hidden flaws—some locks are easy to pick, and some windows can be forced open. Similarly, even protected digital services can have vulnerabilities that skilled attackers can exploit. Sometimes an indirect approach is easier, like posing as technician to a call center representative to open a door unwittingly.
We are becoming more comfortable with the concept that digital equals information, digital equals data, and digital channels are ways of interacting with these.
We are in a transition to the mindset that everything now is data…. Desktop and remote is how we imagine and represent the people, places, and things in any real neighborhood.
But we are just at the threshold of understanding that these representations stored in the ether of the internet are living in invisible cyber neighborhoods.
We can think of a cyber neighborhood where every computer core or memory storage device in a chip, circuit board slot, machine, server, rack, network, sub-network, datacenter, platform, cloud, cloud region, etc. is like a real-world rooftop address geolocation or even a rally point like a pin drop or a WhatThreeWords Earth pixel.
The programmers, administrators, hackers, programs, bots, code, communications, protocols, APIs, and AI agents are neighbors under those rooftops and around those locations.
Some compute environments are like an owned and occupied home by the same person for decades, others are like a rent-by-time-slice hoteling office, and some are like a dark alley or underpass with shady dealings and no identity required.
(Read also: “No one can hear an AI scream in cyberspace…” from ITL.)
The reality of “bad neighbors” in the real world and “bad neighbors” in cyberspace is stirring the insurance world and the risk marketplaces.
There has been a sector rotation in cyber criminal appetite turned toward P&C this year, and an unfortunate horizontal weakness is currently in active exploit with a popular CRM system product. Whether targeted or opportunistic, the e-safety of the insurance neighborhood cannot be taken for granted.
The idea of a safe neighborhood or a dangerous one can transfer between real and e-real constructs. Safety as an index can be ephemeral when exposed to a threat and quickly remediated, or it can be structural and lie undetected while exploited at scale, a false presumption of safety. When, not if, hidden exploits are uncovered, the assessment and remediation processes cycle anew.
The risk of the e-world is constant and global. This is unlike real world perils like watching the track of a hurricane, which is seasonal and geospatially proximate.
Primacy and recency of cyber threats are the constant reminders of what is less imagined - our digital neighbors in our digital neighborhoods are in a continuous state of invisible digital churn. Any time we share any digital resource, there are others sharing it, too.
While there may be some examples of isolated computing with no connections, communications, hosting, integrations, or application programming interfaces, the most common enterprise IT situation is multiple core systems interacting on premise and intra/inter cloud resources with vendors, third parties, and partners.
It is difficult to delve into the wildness of internet cyber situations; some are inherent, while others are sporadic. Some are software- or hardware-related that appear accidental with incidental vulnerabilities, and others are thoughtfully crafted exploits by human ingenuity, now adding AI capabilities.
Regardless of the nature of the cyber risks, the level of connectedness and the risk across connections may vary user by user, company by company, machine by machine, software by software, interface by interface, network by network, platform by platform and cloud by cloud.
Like people and businesses occupying houses and buildings in the physical world at literal addresses using a variety of names and aliases, the digital world can be seen in a similar fashion.
Company computer infrastructures and their cyber vulnerabilities span a spectrum of more fully controlled with more uniform homogenous cyber risk (walled garden and locked down with dedicated security and engineering) to widely distributed with dynamic heterogeneous cyber risk (hosted on multiple platforms with multiple networks with different management systems and software and haphazard oversight of many participant digital neighborhoods and denizens (people, businesses, robots, and AI agents, etc.).
From a moated castle to a flea bag hotel the risk of both the infrastructure and the neighboring occupancy is an analogy of the consistency or inconsistency of cyber risk, which will vary over time. A bad actor can get into a castle but then be confronted and mitigated. But a bad digital neighborhood leaves more at risk more of the time.
What is invisible to the eye is the infrastructure connectedness of extended digital networks. Many castles working together may tunnel to each other. Many discount motels may do the same. Throw in a crime-ridden abandoned building drug den and you get a deteriorating sense of what could be out there - invisibly except for digital means.
So... a long wind-up.
Extending the analogy just a bit further, some digital means look at all the doors and windows of all the spaces known to belong to a company or to be transacted by the company and another. But these approaches don’t include all the adjacent and proximate spaces to those. These are “glass partly full” covering approaches that combine strength and efficiency but lack comprehensiveness.
The concept of watching and recording hundreds of millions of internet domains and billions of interactions between them and archiving those observations across a decade and more seem too large for assessing any single company’s risk. But someone has done it, for a different business reason than cyber assessment. Now comes the serendipitous epoch of cross purpose innovation - re-purposing an existing asset for a new use case.
The fabric of a connected, internet-wide data infrastructure permits the rollup of sub-networks, networks, domains, and “ultimate domain,” which tie information across the digital world into a form where it can be linked to legal entities. This is where cyber risk at each digital rooftop can be assessed and aggregated to a building, block, tract, region, and so on to score the whole of the risk as an algorithm of consistency over each of its parts. These parts can be associated logically to the legal entity level and a new understanding of cyber risk can be attributed, aggregated, and accumulated like never before.
This capability to assess organizational risk across complex and otherwise invisible connections is novel and useful. As cyber threats change over time, and legal/digital entities also change over time, the continuing dynamic assessment adapts and creates information to act on.
Turning data into decisions and actions makes this process valuable. And that value can be achieved by incorporating these data, analytics, or both, into modern digital and cyber analyses and risk management and monitoring solutions. Using multi-level risk scoring that can count and analyze the number and severity of vulnerabilities at each level will let you see not just where the problems are but how serious they are.
Ensembles of data and analytics most always deliver more robust solutions.
