Speed, Resiliency Drive Cybersecurity Ideas
Partnerships and ways to be interoperable critical going forward.
It is essential to learn from cyber attacks conducted by state and nonstate actors to define resilience for cybersecurity or cyber terrorism. "We need to develop a threat model for cyber resilience. We have to be prudent to distinguish between cyber warfare and cyber terrorism," said Anita T. Abbott, Ph.D., director, adjunct professor, Global Partnership and Development Ltd., during the TechNet Asia-Pacific conference.
Security is not a product but a process. There is no absolute solution for cybersecurity, reported Brig. Gen. Insub Shin, Korean Army (Ret.), director of cybersecurity architectures research, C4I & Cyber Center at George Mason University and vice president, Korea Defense Information Communication Association. There are two perspectives at work in responding. The engineer view focuses on protection and detection and the operational view focuses on retroactive/proactive responses, he added.
Often the technology systems are fit, but the humans can be the problem, said Air Vice-Marshal Andrew Dowse, head of ICT Operations and J-6, Department of Defence, Australia. "We look at the behavior of our people and how much risk they will take."
Information systems are the center of gravity for any mission we undertake, and we know adversaries will target our systems, he added. Nevertheless, we don't fully integrate cyber and mission assurance into training.
Brig. Gen. Paul H. Fredenburgh, III, USA, director, Command, Control, Communications, and Cyber (C4), U.S. Pacific Command, outlined what he sees as the key enablers to think about
First, he said, is adaptability on the human side. Over time, countries and the military have adapted to emerging technologies, then the machine gun and the tank, and now cybersecurity as a war fighting domain.
The next enabler is the cyberspace arena, he stated. This will allow us to maintain decision authority and to operate at a pace to make better decisions than our enemies.
We have to understand why we have the network and its advantages. It has always been an advantage within free societies to make decisions. We are not waiting for someone to tell us what to do. So we need to understand how to leverage this "so we can see more clearly and make decisions that are less wrong than our enemy," Gen. Fredenburgh suggested.
Resilience is another enabler, but it is not just one thing. It involves making progress in redundancy, in sensors, in computing capacity, in bandwidth and in connectivity. "We cannot afford to protect everything everywhere. How do we identify the critical functions that have to happen? How do we identify the critical cyber domain? How do we sort through the sensor data and turn it into knowledge with analytics?" he asked. Artificial intelligence could help leaders make decisions quicker.
Continuing to discuss enablers, Gen. Fredenburgh included interoperability. The country needs to build in ability to interoperate with our mission partners, he said. Allies and mission partners are critical, and "we will go nowhere without them," he stressed. We are overprotecting our information. It is part of our policy. Tactical and operational level information in a fight is perishable. We can strip off sources and provide that information to operators to ensure we can interoperate with mission partners, he suggested.