Defeating Cybercriminals: A New Framework for Trusted Digital Ecosystems
By SecureWorld News Team
Sun | Aug 24, 2025 | 7:42 AM PDT

According to a recent presentation by Roger A. Grimes, Data-Driven Defense Evangelist at KnowBe4, current cyber defenses have failed to significantly mitigate threat actors and the threats they pose. In the SecureWorld webcast discussion, titled "Taming the Hacker Storm: Your Framework for Defeating Cybercriminals and Malware," Grimes outlines a framework for a new, pervasive, selective trust-based ecosystem to combat cybercrime. 

The problem 

Grimes highlights the pervasive nature of cyber threats, citing trends from various reports:

  • More than 1.12 billion websites exist globally, and 10% of new websites are malicious. 
  • Google's Safe Browsing service identifies more than 3 million potentially malicious URLs daily.
  • Most malicious websites are temporary, with Microsoft stating that 70% are active for less than two hours, and Google noting the average malicious site exists for less than 10 minutes. 
  • Most internet traffic is malicious, with Arkose Labs reporting 73% and Cloudflare's 2024 State of Application Security stating that nearly one-third of all internet traffic comes from bots, 93% of which appear malicious. 
  • More than half of all sent emails (57%) are malicious, and Gmail blocks 100 million malicious emails daily. Microsoft blocks 31.5 billion emails per year. 
  • Phishing is the leading cause of successful hacking, as 70% to 90% of all internet crime involves social engineering. While spear-phishing emails constitute less than 0.1% of all email attacks, they are responsible for 66% of all successful breaches. 

The core issue, Grimes argues, is the inability to reliably identify hackers and their creations. Because cybercriminals can hide their true identities and often operate from other countries, they cannot be reliably stopped, blocked, or arrested. This creates a situation with high profit and very little risk for the attackers. 

The solution: a pervasive trusted ecosystem 

Grimes proposes a solution called the "Pervasive Selective Trust" framework, which aims to make it more difficult for hackers to conceal their identities. This framework is built upon a "trust stack" of verified components. The goal is to create a pervasive, high-trust ecosystem where anyone can validate another's true identity before interacting. 

The proposed solution includes the following components: 

  • Trusted verified identities: This component moves beyond current pseudo-identities to "Real IDs" that are strongly assured and tied to a real person. Identity proofing can range from weak (email confirmation) to strong (in-person verification with official documents). 

  • Trusted devices: This involves ensuring devices are safe and secure through a "Trusted Hardware Boot" process, which starts with a cryptographic chip like a Trusted Platform Module (TPM) or Secure Enclave. Devices would also have a verified device ID digital certificate, securely stored on the chip. 

  • Trusted operating systems: This component relies on hardware-enforced hypervisor security domain isolation, such as that found in Qubes OS. The OS would also use secure boot and memory protections, starting with the hardware chip. 

  • Trusted applications: Applications would have a global, unique identifier and be digitally signed. They would also be securely coded, have secure defaults, and perform self-integrity checks. 

  • Trusted actions: Different actions would have different trust levels and require varying levels of authentication. For example, checking a bank balance would be a low-risk action, while transferring the entire balance would be a high-risk one, requiring additional authentication. 

  • Trusted networks: This ensures data integrity and security through measures like VPNs and HTTPS. It also includes verifying that a network and its nodes are known to be safe and are compliant. 

  • Trust assurance service: This is a two-tiered service. A Local Trust Assurance Service would interface with the user, managing their identities and helping set up new connections. It would also interface with a Global Trust Assurance Service, a "fully-funded, DNS-like" service that investigates submitted links and maintains global allow and block lists. 

Additional solutions

In addition to the pervasive trust ecosystem, Grimes notes other important solutions, including: 

  • More secure coding: Developers need to be trained and required to have secure coding skills. 

  • Better, faster patching: This includes more automatic patching without user interaction, and easier reversion in case of errors. 

Grimes concludes that many of the necessary technologies already exist, with most components requiring only a "ready or minor extension" or "moderate extension," rather than being completely new.

The webcast is available to watch on-demand here: https://event.on24.com/wcc/r/5029630/55D300614252E3D8BACF5C35E6D1A045
