Search AFCEA Site

Enable breadcrumbs token at /includes/pageheader.html.twig

On Point: Q&A With Richard Forno

Richard Forno is a teaching professor in the University of Maryland, Baltimore County (UMBC) Department of Computer Science and Electrical Engineering, where he directs the Graduate Cybersecurity Program and serves as the associate director of UMBC’s Cybersecurity Institute. He is also an affiliate scholar at Stanford Law School’s Center for Internet and Society.
Richard Forno, a teaching professor in the University of Maryland, Baltimore County (UMBC) Department of Computer Science and Electrical Engineering, shares his thoughts on U.S. offensive cyber strategies. Credit: RezaArif-stock.adobe.com generated with AI
Richard Forno, a teaching professor in the University of Maryland, Baltimore County (UMBC) Department of Computer Science and Electrical Engineering, shares his thoughts on U.S. offensive cyber strategies. Credit: RezaArif-stock.adobe.com generated with AI

What are your thoughts on the government’s more offensive stance in cyber space?
This likely is a dangerous game. The country should use all the tools of national power to further national security and intelligence goals, but that only works—and the optics only matter—if you can resist similar techniques against us. Otherwise, you’re just poking the bear—rarely a good idea.

What’s your advice?
Don’t. Or rather, be thoughtful about the Pandora’s box you may open.

The country should understand that increasing the resources and attention of offensive cyber while eliminating defensive capabilities is a recipe for disaster. The United States is perhaps the most technologically advanced and networked nation, but we’re also the most vulnerable and targeted, as incidents like Salt Typhoon demonstrate.  

Strategically, expanding offensive capabilities while eviscerating cybersecurity agencies like CISA [Cybersecurity and Infrastructure Security Agency] and pushing responsibility for cyber incidents to the states is like invading Russia in winter without planning for snow and potentially overextended supply lines.

Is defense still the best offense? 
Absolutely, unequivocally, yes, especially since the private sector operates most of the information infrastructure underpinning modern society. We’re plagued by data breaches, ransomware and other incidents. But while large companies often invest in cyber defense and response (but are not perfect!), the same can’t be said for state and local governments, the soft underbelly of America’s cyberspace. 

Hospitals, public schools, tax offices and other local government capabilities touch American lives in a personal, intimate way. But research for our 2022 book on local cybersecurity showed nearly one-third of local governments couldn’t tell if they were under attack! Reasons ranged from lack of staff and funding to politics and bureaucracy. Cities, hospitals and schools should not be crippled by cyber attacks, but many CISA activities that provided trusted guidance, information sharing and proactive assistance have recently been eliminated.

National cyber defense is often boring, costly and doesn’t produce immediate, made-for-television results and talking points. Consequently, political leaders gravitate towards alluring, power-projecting, sensational offense. It’s like how buying new planes and ships is more popular with lawmakers than improving military housing, maintenance or base infrastructure.

This mindset exists at state and local levels, too.

 

 

 

 

 

Will artificial intelligence (AI) benefit cyber defenders more than attackers?
It’s far too early to say. AI certainly helps defenders quickly analyze and understand what’s happening on their networks, which can lead to more effective responses. New AI tools, such as OpenAI’s Aardvark, can help with secure software development. But AI also helps attackers develop more cunning network attacks and personalized social engineering attacks that may include convincing audio or video. To me, AI is just another development in the attacker/defender cycle.

How does UMBC meet these challenges?
We continue to view cybersecurity holistically since it’s no longer just bits and bytes for geeks to handle. We look at the technical aspects—and AI’s influence is a big part of that—but we also consider equally important human aspects. Our faculty research the economics of cybersecurity risks, the geopolitics of cyberwarfare and how military academies teach cybersecurity. 

We also are a resource regionally and globally. Through the Cybersecurity Institute, our cybersecurity clinic links students and faculty with state and local agencies to assess their cybersecurity posture and offer remediation guidance. The agency gets free help, and students get amazing experience in real-world operations. Our Center for Research in Emergent Manufacturing develops cybersecurity solutions for the defense industrial base and other supply chains. And we launched the International Cybersecurity Center of Excellence, linking researchers around the world to tackle bleeding-edge technical and social cybersecurity problems.

This column has been edited for concision and clarity.

Comments

The content of this field is kept private and will not be shown publicly.
About text formats

Plain text

  • No HTML tags allowed.
  • Lines and paragraphs break automatically.
  • Web page addresses and email addresses turn into links automatically.
Enjoying SIGNAL?
SIGNAL Magazine is available through subscription or as part of your membership in AFCEA.
SUBSCRIBE NOW
LEARN MORE
JOIN AFCEA