The opening panel at the recent Billington International Cybersecurity Summit assessed the global threat landscape.
During the panel, moderated by Dr. Dennis McCallam, Technical Fellow, Northrop Grumman, the panelists acknowledged that systems that have been in use for years are now posing threats. “We’re beginning to see vulnerabilities deep inside them,” said John Felker, Director, National Cybersecurity and Communications Integration Center, DHS.
Taimar Peterkop, Director General, Information System Authority, Republic of Estonia, agreed: “Solutions we’ve used for years have security flaws, such as Spectre, Meltdown.” He predicted we’ll have to continue to deal with more of these existing vulnerabilities moving forward. “Every day we have to face the existing vulnerabilities and deal with them.”
“It’s going to get worse before it gets better,” concluded Richard Oehme, Director, Cyber Security and Critical Infrastructure Protection, PwC Sweden and former Director of the Office of Cybersecurity and Critical Infrastructure Protection, Swedish Civil Contingencies Agency.
Cost of Entry
The landscape is daunting because the cost of entry is so low, said Felker. “You don’t have to be smart. All you have to do is go to the dark web and buy a tool.”
Russia, China, Iran and North Korea are all pursuing cyber operations as a low-cost tool of statecraft, pointed out Robert Strayer, Deputy Assistant Secretary for Cyber and International Communications and Information Policy, U.S. Department of State.
Another major vulnerability, Strayer said, is the rollout of fifth-generation mobile technology that is completely reliant on having just-in-time data for systems to operate.
Strayer called for publicly attributing attacks and intrusions to the perpetrators and implementing consequences for those acts. Jeannette Manfra, in a keynote during the summit, emphasized that point: Attribution is key as long as it is followed by concrete action. Manfra is Assistant Secretary, Office of Cybersecurity and Communications, NPPD, DHS.
Are We More Resilient?
McCallam asked the panel how ideas about resiliency have changed.
Felker recalled what former NSA Deputy Director Chris Inglis said: The bad guys are in your network. The key is keeping that bad actor from derailing your business.
Strayer emphasized the importance of information sharing and said there already is good international CERT-to-CERT cooperation, but information sharing must move to policy levels to be more effective.
All the panelists agreed on the need to create an environment of collaboration between the private sector and governments. Felker called cybersecurity “a team sport.”
Oehme said in Sweden the emphasis has been on public-private partnerships that have allowed the nation to recover more quickly from cyber attacks.
Peterkop noted that in Estonia they are working to create a culture that is agile and flexible. “If something unthought-of happens, we will be able to recover and to continue. The culture of the entire ecosystem is the government, businesses, academia proactively working together.”
Of course, there’s a rub. The problem is private industry complains the federal government won’t share classified information, and the private sector is loath to share proprietary information, according to Felker. The effort is to move forward to create a trusted environment, he concluded.