The Vatican Apostolic Library’s digital security guard is doing more than shielding hundreds of historical texts from cyber threats, according to the library’s chief information officer – it’s guarding the library’s reputation.
Founded in 1451 by Nicholas V, the Vatican Apostolic Library is home to some of the oldest and most important collections of historical texts in the world, including the oldest surviving copy of The Bible. The library started the digitization process in 2012, and it has currently digitized around 20,000 of the 80,000 manuscripts – starting with the most unique, most famous and fragile pieces.
“Digitizing for preservation requires digital preservation; we have to protect our online collection from cyberattacks so that our readers can trust the records are accurate, unaltered history and so that they can rely on their constant availability,” Manlio Miceli, chief information officer for the Vatican Library, told the publication in an email.
If ransomware doesn’t kill you, the downtime will, says Datto report [Channel Daily News]
Majority of Canadian cyber incidents happen due to poor cyber hygiene, new report says [IT World Canada]
The Vatican library has partnered with AI cybersecurity firm Darktrace to prevent further attempts to steal and manipulate its digital collection. The growing threat of ransomware is one of the library’s biggest fears.
Powered by an algorithm that evolves thanks to a solid understanding of the ‘normal’ activity within the Vatican Library’s digital systems, Darktrace’s cyber AI detects significant changes that may suggest an emerging cyber threat. The digital archives face roughly 100 threats a month, according to David Masson, director of enterprise security for Darktrace, in an interview with IT World Canada.
“What we do is learn the pattern-of-life of everything inside the Vatican library’s networks or digital infrastructure. If we know what this pattern-of-life is, we can easily see any changes that take place in it at any time, and this allows us to see attacks in very early stages, which means we can stop them before they cause any damage,” Masson said.
A successful attack on the library could see the collection stolen, manipulated or deleted altogether. While physical damage is often clear and immediate, an attack of this kind wouldn’t have the same physical visibility. This has the potential to cause enduring and potentially irreparable harm not only to the archive but to the world’s historical memory. In the era of fake news, these collections play an important role in the fight against misinformation. Defending them against these kinds of “trust attacks” is critical, explains Miceli.
“What is clear from the current threat landscape is that you cannot throw people at this problem – you need to augment human beings with technology that understands the shades of grey within very complex systems and fights back at machine-speed. AI is a term that is surrounded by a lot of hype today, which can be unhelpful. We have an extremely small security team managing two very large data centres – for us, AI is delivering value in the real world. You could think of it like this: our colleague is an AI that never sleeps, doesn’t take breaks and can spot and investigate more threats than any human team could,” Miceli wrote.
The software makes decisions in seconds about what is strange but benign and strange but threatening – and not only does it detect the threat, but it writes up its own human-readable report on security events for Miceli and the rest of his team, as well as his bosses. Miceli says the AI does this “nine times faster than a human analyst ever could.”