BLOG

    CyberWire Daily Podcast Interviews Mike from Tide

    05 May 232 min read

    This interview from May 5th, 2023 originally aired as a shortened version on the CyberWire Daily Podcast. In this extended interview, Dave Bittner sits down with Mike Loewy, cofounder from Tide, who is suggesting that we should break the model so no one holds the keys to our data.

    Interview excerpt


    An organization called the Tide Foundation is looking to improve cybersecurity with a clever approach to access keys that splits them into millions of pieces distributed across servers around the world. Mike Loewy is co-founder of the Tide Foundation.

    Dave Bittner, Host


    What we're looking to do is to redefine the authority model in the digital world. Today, we have a scenario where the security of our systems and the protection of sensitive information is all, at the end of the day, reliant on blind trust, blind trust in the people that build, administer, and manage our IT systems. And what were -- those people today have effectively carte blanche authority over the sensitive information that these systems hold. And we're looking to redefine that. So that's no longer the case.

    Mike Loewy. Guest


    When we say blind trust, what exactly do we mean by that?

    Dave Bittner, Host


    ...even with the implementation of zero trust, we're still seeing the most horrific breaches in history, and breaches have increased in frequency and severity. And the reason for that is because no matter how much effort we put into applying that model of constantly verifying, and checking, and making sure that, you know, the -- whoever we're providing this access to is who they say they are. There is some kind of route authority, something somewhere that has to make that final decision of, can I provide access to this resource? Can you swipe and open this front door? Or can you access this file? And that authority lives somewhere on something and is administered by someone. And that means that there's always this kind of Achilles' heel that exists inside of a system, whether it's the identity and access management system, the firewall, whatever security apparatus it is, and there's no way to verify the integrity of those people administering those systems, whether there's mal intent or whether they're just human beings that make mistakes, accidentally click on the wrong links. That's what I mean.

    Mike Loewy, Guest

    ← Back to all posts

    News & views

    Loading...