CyberMaryland 2015

The CyberWire –

October 30, 2015 –

Recognizing the Face in Front of the Screen (OptioLabs)

Also participating in the “Corporate Espionage and Insider Threat” panel was Gregg Smith, CEO of OptioLabs, Inc. We wanted to hear more from him about his claim that OptioLabs’ technology would have caught and stopped Edward Snowden.

Optio was founded in 2012 to bring to market technology developed at Virginia Tech (the company maintains a close relationship with researchers at Virginia Tech, and also at Vanderbilt and the University of Maryland Baltimore County). The researchers were responding to a DARPA challenge: how do we let senior officials walk into a SCIF without having to leave their devices in a box outside? The company’s initial technology, then, was a capability to lock down an Android device.

“Think of the Android binder as its post office,” Smith explained. “Any app has to flow through the binder.’ Optio’s technology is built around the binder to selectively lock down functions. That lockdown can be significantly context aware (geolocation and temporal contexts are easiest to discuss, but these don’t exhaust the system’s contextual awareness). They’re currently working on automating policies for devices used in regulated sectors. “We’re going to make market-specific policies. For example, HIPAA compliance would become a check box on a server.”

Smith described two of the company’s products, PrivateEye and Chameleon. PrivateEye leverages a device’s camera to provide continuous authentication that the current user is in fact the authorized, authenticated user. “It protects the last two feet” against visual hacking and physical loss. The system ties into credentials—stolen or borrowed credentials won’t match the face in front of the screen (and this, explained Smith, is how the technology would have quickly flagged Snowden’s romp through the enterprise). PrivateEye uses facial recognition as its biometric modality, and it features “continually updated facial learning” to account for slow changes over time in a user’s visage.

The sister product, Chameleon, is intended as protection against visual hacking—the deliberate or inadvertent look an unauthorized person might take at a screen. The system uses a gaze-tracker and can obscure a screen or display a bogus screen to anyone other than the authenticated user working at the device.

Asked about the downsides of using device cameras for security systems, Smith noted that one obvious downside is the tendency of many government organizations to exclude, as a matter of policy, cameras from their spaces. But this, he said, is changing, and cameras are returning to many of those workplaces. And of course, he added, OptioLabs recommends a suite of security measures to protect the cameras themselves.

OptioLabs also anticipates an Internet-of-things role for its Android technology—they’re working on extending their work to “Brillo,” Android’s IoT operating system. Smith sees considerable potential in this market.

Cheap to store, but expensive to secure

A session on “Corporate Espionage and Insider Threats,” moderated by Paul Rogers (Editor-in-Chief, Security Ledger) took up questions of “monitoring behavior, valuing data, quantifying risk and assigning accountability.” Panelists included Gautam Aggarwal (CMO, Bay Dynamics), Casey Corcoran (Vice President of Strategy, FourV Systems), Gregg Smith (CEO, OptioLabs), and Leo Scanlon (Acting Director of IA Security, US Department of Health and Human Services).

Aggarwal, CMO, Bay Dynamics’ Aggarwal reviewed what counted as an insider, and asked the audience to recognize that they no doubt have insiders whom they may not know. Risks are posed by both malicious and well-intentioned but misguided insiders. And malicious insiders come in at least two varieties: outsiders with stolen credentials, and true insiders who are intending their enterprise harm.

HHS’s Scanlon stressed the importance of the basics: identifying assets, and identifying legitimate behavior. You have to begin with policy, with separation of duties. “Data are cheap to store, but expensive to secure.” This paradox affects our ability to deal with espionage.

FourV Systems’ Corcoran observed (to general agreement) that it’s easier to recognize risky behavior than to have complete, well-structured systems of data. OptioLabs’ Gregg Smith noted that BYOD has made it essentially impossible to control where your data are. (He also said his product would have caught Edward Snowden; we’re going to ask him about that tomorrow.) The panel saw a trend away from BYOD (‘very chic-y” as it’s been) and back to enterprise-owned devices.

The panel concluded by observing that we tend to conflate very different things in our assessment of risk. Consider the difference between losing an easily replaced paycard and losing hundreds of millions worth of research invested in drug development.

Read full article here: CyberMaryland

Share this news