DEV Community

Dmitry Sorokin
Dmitry Sorokin

Posted on

Opportunities for CyberSec teams

Imagine being called into the CIO's boardroom and asked, "Why is your team using a collaboration tool that doesn't even have end-to-end encryption?"

Image description

Where would you go with this?

Possible answers: 🤔😂

  • “The team is familiar with Slack. I wouldn't want it to be replaced.
  • "Microsoft Teams is free."
  • “The faucets are always dripping in the plumber’s house, and cobbler’s kids are notorious for running around barefoot.”

While there's a lot of truth to "you'll never get fired for buying /* insert a big brand */", there's a lot more truth to "you'll definitely get fired for not following the basic precautions that make hacking much more difficult."

Conventional solutions de facto do not meet the standard

While it doesn't make sense, most cybersecurity teams use a combination of Slack and Signal.

Image description

Slack is not even encrypted with end-to-end encryption - everything will remain in plain sight for anyone who gets inside. And while Signal has E2EE, it doesn't have enterprise functionality (given that Signal was never intended to be an enterprise application). On top of that, both systems are centralized, which creates single points of failure and vulnerabilities, and makes them a huge target for attacks.

Battle for replacement

Image description

The difficulty, especially in large organizations, is convincing others to upgrade to something that actually serves the purpose.

That's why we've created a _checklist _that we hope will give you all the content you need to appease the various layers of bureaucracy and help you navigate your internal processes to make the right choice.

This guide asks a few simple questions to engage colleagues, including:

🗣 Does your collaboration platform provide a fundamental layer of security so you know who you're talking to?

If it's not end-to-end encryption and cross-signed device verification, then it's definitely not an option. Both are essential to building a truly secure messaging platform. Working side by side, they secure your conversations and, in turn, give you the confidence that you're talking to the right person.

🔒 Are you in full control of your data?

If you're using a traditional, centralized SaaS platform, then it's unlikely. An on-premise solution or hosting service with independent persistence is the only way to guarantee true ownership of the data. Not only does this make your information more secure, but if it's based on an open standard, it also gives you the freedom to choose between local or various other hosting services.

🤝 Can you easily communicate with your external network of cybersecurity experts?

If you're looking at "walled gardens" like Slack and Signal, the answer is no. Think about how you can send an email to anyone, no matter what email client they might be using. This is what the Katya ® 👽 AI 🧠 REChain 🪐 Blockchain Node Network standard provides - the interoperability you associate with email, but with the security of end-to-end encryption.

💪 Is your platform resilient to various kinds of adversity?

Centralized systems are prone to global outages, so not for Slack, MS Teams, or Signal. A decentralized fabric infrastructure that provides data independence and autonomy also creates a much more resilient network.

Image description

We know, just like you, that real-time communication is critical to cybersecurity, and the confidentiality of the discussion requires end-to-end encryption and full ownership of the data. Slack and Microsoft Teams provide neither.

Cybersecurity teams need to be among the first to take advantage of the new era of encrypted enterprise-grade collaboration and messaging.

Image description

You need to provide end-to-end encryption by default and an open network to connect easily and securely inside and outside your organization, ensuring full ownership of your data and conversations, whether such a network is deployed on-premise or entirely hosted and managed externally.

Sincerely,
Dmitry Sorokin,

403 Gone
REChain, Inc
Katya AI, Systems
Katya, Inc
Katya Systems, LLC
REChain Network Solutions

Top comments (0)