Enterprises Defending Their Cyberspace

It seems as though it took place ages ago, but it was not that distant: On July 19, 2024, one of the most severe IT disruptions in recent history unfolded. The implications for manufacturers are being hotly debated. Now, there’s a new approach to cybersecurity—one that promises to address the problem more effectively.

Looking backwards, it started with a faulty update released by CrowdStrike Falcon, the world’s most widely used Endpoint Detection and Response (EDR) platform. It caused more than 8.5 million Windows endpoints to crash simultaneously. A single misconfigured rule, intended to detect malicious behavior, triggered widespread system failures. The result was an unprecedented paralysis of essential services across sectors, including healthcare, air travel, public administration, and financial systems.

Beyond the immediate technical impact, the incident exposed structural weaknesses in the global digital infrastructure architecture:

• First, it underscored the dangerous monoculture that has taken hold in cybersecurity: overreliance on a single vendor transformed a localized mistake into a global outage.
• Second, it revealed that update management practices, still largely based on mass rollouts with insufficient isolation, are unfit for critical environments.
• Third, and most critically, it showed that in the absence of autonomous containment mechanisms, even high-security systems cannot prevent the propagation of failure. Had the update been malicious rather than accidental, the outcome would have been essentially the same.

This event must be understood not simply as an operational failure, but as a structural failure in system design. It forces us to ask difficult questions: How can we design digital infrastructure that withstands not only failures, but surprises? How do we prevent a technical anomaly from becoming a collective collapse? The answer is no longer to build higher walls around a centralized core; it is to reimagine how updates are delivered, how communication is maintained, and how threats are contained, even during systemic breakdowns. This is precisely where current scientific research is heading.

Resilience as a Design Principle

Over the past decade, academic research in computing systems has increasingly shifted from centralized, deterministic architectures toward distributed, resilient, and adaptive paradigms. Fault tolerance has become a foundational property in the design of modern systems, particularly those operating under conditions of uncertainty, attack, or partial failure. The focus is no longer solely on preventing downtime, but on ensuring coherent, degraded operation under stress. Innovations such as adaptive replication, incremental checkpointing, and Byzantine fault-tolerant protocols enhanced by machine learning are enabling systems to anticipate, contain, and recover from a wide range of disruptions.

Equally transformative has been the evolution of software update strategies. The once-unquestioned practice of deploying updates globally and simultaneously is recognized as hazardous, especially in critical infrastructure. Instead, new models emphasize gradual rollout, rollback automation, and runtime observability. Canary deployments and blue-green strategies allow systems to identify regressions before they reach production at scale. Meanwhile, frameworks such as The Update Framework (TUF) are reshaping the trust model of update supply chains, introducing threshold signatures, multi-role verification, and immutability through distributed ledgers. These safeguards protect not only against technical faults but against deliberate tampering, as seen in sophisticated supply-chain attacks like SolarWinds’.

Simultaneously, the limits of traditional communication protocols, such as TCP/IP or BGP, are becoming increasingly evident. In order to understand this better, I asked Giovanni Patruno, CTO of the Italian-based cyber-tech company bitCorp s.r.l., to explain.

“As the demands of mobility, security, and resilience grow, alternative network architectures are emerging,” said Patruno. “Clean-slate designs like Recursive InterNetwork Architecture (RINA) and SCION propose new protocols for communications, decentralization, and cryptographic validation at the routing level. SCION, for example, enables authenticated multi-path routing and failure isolation through isolation domains. Peer-to-peer encrypted overlay protocols, such as GNUnet, CJDNS, and the newly proposed Transport Encrypted Protocol (TEP) , go even further, replacing DNS, IP addresses, and centralized routing with distributed identifiers and fully encrypted paths. These systems can operate even during large-scale outages, censorship, or network fragmentation”.

Cybersecurity is also undergoing a shift from static defense to dynamic containment. Zero Trust architectures are dissolving the concept of “trusted perimeters” and replacing it with continuous identity verification and micro-segmentation. In tandem, platforms for real-time, distributed threat intelligence are enabling cooperative defense ecosystems, where intrusion detection, honeypots, and AI-assisted classifiers share signals and learn collectively. Blockchain-based models add trust and integrity to this intelligence-sharing process, while collaborative intrusion detection frameworks allow organizations to detect emerging threats before they become endemic.

These research trajectories, fault tolerance, secure update deployment, resilient communication, and adaptive threat response, converge on a shared principle: future systems must not merely prevent failure but be designed to function through it. The next generation of digital infrastructure will be defined not by centralized strength but by distributed survivability.

From Theory to Practice 

One of the vanguards in research on distributed systems applied to cybersecurity and AI is the aforementioned bitCorp, which draws inspiration from the Olivetti method, tackling this new scenario with a vision rigorously based on research and, at the same time, courageously looking to the future. Its operational philosophy is built on three interlocking foundations: live distributed threat intelligence, context-aware deployments with rollback assurance and an original, patented communication protocol, TEP, designed for continuity under the harshest conditions.

According to Patruno, “the future of infrastructure will not only be protected by firewalls, but by design principles that ensure systems resiliency.”

bitCorp refuses to treat software updates as uniform artifacts. Each deployment is tested in an isolated environment modeled on the client’s infrastructure. Updates are rolled out progressively, canary-first, with automated rollback logic, and monitored in real time. If anomalies emerge, they are contained before reaching production. This client-specific deployment model may appear slower than mass rollouts, but the result is dramatically improved reliability and reduced risk. It ensures that resilience is tailored, not generic; proactive, not reactive.

Additionally, bitCorp is advancing research in distributed cybersecurity intelligence. Its internal telemetry platforms support the real-time sharing of threat indicators across independent domains, allowing for rapid collective defense without compromising data privacy. Rather than relying on centralized SOCs or perimeter firewalls, bitCorp’s model promotes a network of informed and autonomous agents, each capable of detecting, containing, and reporting suspicious behavior. These systems do not simply detect threats; they isolate and neutralize them before they propagate.

bitCorp’s TEP is notable. As Patruno puts it, “TEP could act, in the future, as a fallback Internet. It ensures that communication—the foundation of any digital system—can never be taken down by centralized point of failures.”

TEP is a peer-to-peer encrypted transport and routing layer that bypasses conventional IP routing and DNS. Instead of identifying nodes by IP addresses, it uses cryptographic keys derived from distributed ledgers. Each packet is wrapped in multiple layers of encryption, much like onion routing, and is dynamically routed through a mesh of peers based on encrypted metadata. The result is an architecture that survives censorship, infrastructure collapse, and coordinated attacks.

Unlike theoretical research projects, TEP is already being tested in real-world conditions, edge computing, industrial IoT, and emergency communication zones. It is designed to coexist with existing infrastructure (e.g., over TCP/IP, 4G/5G), but also to operate independently when that infrastructure fails. In essence, TEP creates a parallel, decentralized network layer capable of supporting critical communication when nothing else is available.

Through TEP, bitCorp is not merely securing information; it is securing the right to communicate. This vision extends beyond cybersecurity; it is about designing digital ecosystems that can endure uncertainty, resist disruption, and adapt in real time. In a world where the flow of information defines both economic function and societal stability, that capability is not optional, it is existential.

bitCorp does not offer just specific products; it proposes a new operational doctrine for the digital era: decentralized by design, intelligent by behavior, resilient by architecture. In this doctrine, security is not a patch, it is a property of the system itself. And Patruno adds that “communication is not a privilege, it’s a guarantee of continuity.”

[1] U.S. Patent US 11,799,659 B2