1. Resilience comes from “deterrence by denial”
When we think of resilience, we often use natural disasters as our frame of reference.
In his opening keynote remarks, Paul Stockton, former Assistant Secretary at the Department of Defense, argued that we need to apply our private sector knowledge in infrastructure (and the electric grid) to foreign cyber attacks on U.S. infrastructure.
2. Disinformation destroys mission assurance
Trust requires vulnerability; what level of consent should we give in relinquishing our privacy in the name of cybersecurity?
The more trust and vulnerability we have, the better—to an extent. As technology changes our brains’ neuroplasticity, so have our expectations and thinking-making with the pace of digital devices. The immediacy of social media has made it difficult to discern information from disinformation. Maintaining a healthy amount of trust becomes more difficult when half the information we see is fake.
Finland seems to have found institutional trust in the middle of this cognitive battleground. With a limited number of news sources, the availability of information doesn’t overwhelm—contrasted with the inundation of sources in the U.S., and the singular totality of information in Russia.
With trust at a discouragingly low rate in the U.S., we need a smarter approach to absorbing information. Behavioral science and data scientists can and should play a role in developing bias-free models and machine learning to identify threats.
3. IT and operational technology are not immune to cyber threats
Critical infrastructure remains the U.S. cyber weak link. As the Department of Defense and Department of Energy grapple with aging systems, the federal government has grown to rely more heavily on commercial infrastructure.
In planning scenarios, IT is the immediate focus. DoD expert Daryl Haegly argued that operational technology warrants a higher level of concern: the DoD has a growing laundry list of integration systems, operating software, and devices.
Paired with massive gaps in software security updates within agencies, China’s aggressive campaign to dominate IoT and use access to billions of networked electronic devices poses threats for intelligence, intelligence, and businesses.
4. As long as users click, phishers keep phishing
When Dr. Char Sample and Microsoft’s Diana Kelley began their work on firewall security, the DARPANET contained around 30 systems. In today’s IoT landscape, more systems exist in a typical residential home.
With 6.5 trillion signals moving through Microsoft’s servers every day, machine learning and AI have become crucial in operational technology and malware detection. Kelley’s new insights showed:
- 300,000 phishing campaigns analyzed in 2018.
- 8 million business email compromise attempts in 2018.
- 20 percent of users click on a malicious link in the first five minutes.
We can patch software, but can we patch humans? Users are a great first line of defense, so proper training and culture-building at an institutional and user level is key. Her tips:
- Create segmentation within your network. Flat networks are easier—and much riskier.
- Create destruction-resistant backups of your critical systems and data.
- Immediately deploy critical security updates for OS, browser, and email.
- Isolate (or retire) computers that cannot be updated and patched.
- Implement advanced email and browser protections.
- Implement unique local administrator passwords on all systems
- Separate and protect privileged accounts.
Resilience and mission assurance in 2019
This year’s cybersecurity events have revealed a glaring similarity between the public and private sectors: our operations remain vulnerable to clear and present threats. We’ll continue to reveal lessons learned and actionable takeaways that you can plug into your organization—and avoid repeating history.
CyberSci 2019 is Nov. 7