14 June 2017

Complexity of developing a cyber defense strategy

by Kevin Coleman

Creating a cyber defense strategy is an extremely difficult undertaking to be sure. Given all that is at stake, it is essential to ensure it serves the needs of the United States today and for years to come. The last thing any of us want is to have to change the strategy every time there is a new actor-led or technological threat, or when some new aspect of the internet and associated technology is implemented.

Let’s face it, there are not too many things that are as ever-changing as the internet and all the devices and equipment that get connected to it! It is worth noting that several commercial and research organizations are hard at work integrating artificial intelligence into cyber defense. While that is an indicator of the complexities of the environment, it is also worth noting the complexities that come with most cyber defense solution sets.

Estimates suggest that each month, 328 million new devices get connected to the internet. Each one of those devices could be a new sensor or other information-gathering mechanism. Now for the dark side: Each one of those devices becomes a potential point of attack; and worse, they become a potential weapon in a distributed denial-of-service attack. Another important aspect of the complexity of this topic is the segmentation of the environment. Analysis of this problem set produced the following segments, each with its own unique characteristics that add to the complexity and require a somewhat different cyber defense strategy.

The private sector business side

Small businesses

Midsize businesses

Large businesses

The complexity of dealing with the private sector is due primarily to its role in critical infrastructure and its influence on other essential services and contributions.

The private sector not-for-profit organizations

Small

Medium

Large

The complexity of dealing with not-for-profit organizations is due primarily to their role in influential aspects of our country, with political parties as a recent example.

Government organizations

Federal

State

Local

Defense Department

Combat units: offensive and defensive

Support services

Intelligence

In order for the nation’s cyber defense strategy to be effective, it has to address the aspects and attributes of each area. This is why during one April presentation at a corporate risk briefing, one of the attendees said that “defending the cyber environment is like trying to change a flat tire on a vehicle going down the road at 70 mph.” That opinion is shared by many!

This takes the best and brightest and most creative minds the nation has in a concerted effort to address this critical need. It is my belief that we should not use the models from the past, but look to create a new, sustainable model that addresses the needs of today as well as what is believed to be a model of the environment in the next three to five years. I should note that I am not alone in that thinking.

There is an interesting piece on IEEE titled “The Unfitness of Traditional Military Thinking in Cyber.” While this is an interesting piece, one thing should be added: The cyber environment is continuously and rapidly changing and far different from what we see in the traditional military setting. New offensive, defensive and intelligence strategies must be developed. While starting with a blank sheet of paper is a daunting undertaking to be sure, it is necessary to address the complexities of this environment.

For decades, our adversaries have sought, and continue to seek, new ways to compete with the United States on a much more level battlefield. Cyber has much, if not all, of what they have been looking for. A cyber weapon does not require the significant amounts of money that a weapon like the B-21 Long Range Strike Bomber does. Cyber provides an environment where military capabilities can be compromised, stolen and reproduced by our adversaries. Cyber also provides an environment where an adversary can easily outsource the execution of its hostile intentions toward the United States. Those are just a few of the many differences that require the nation’s cyber defense strategy to be wide-ranging and depart from traditional models.

The cyber domain is a highly contested area, and we cannot afford to get our nation’s cyber defense strategy wrong.
