Lessons in Cyber Resilience

I recently had the pleasure of co-chairing a workshop on Cyber Resilience at AFCEA’s International Conference.

So what is Cyber Resilience? Cyber attacks continue with regularity and increasing sophistication. Regardless of how much is spent on defensive measures, an organization must figure that a breach will occur. It’s no longer a matter of “if” but “when”. The ability to protect sensitive information and continue with critical operations whilst detecting and recovering from the attack will be key. This is referred to as Cyber RESILIENCE. My previous blog post unpacks the term, illustrating it with selected Government initiatives.

So what did I learn? Too much to write in a short blog post for sure – but these are my five key takeaways:

Cyber (more so resilience) needs work. Only 12% of countries have a published Cyber Defense strategy (the EU map them here) and it was clear from discussion at the conference that the central theme of resilience is not well understood.

“Basics” cause most problems. Fundamental “hygiene” failures such as poor passwords, undisciplined system administrators, poorly configured firewalls and unprotected edge-of-network devices are the root cause of the majority of cyber incidents. A constant focus on basic education & awareness is needed to improve this.

Virtualisation & Software Defined Networks help – because these technologies allow an organization’s infrastructure to adapt to cope with new workloads quickly and easily, they can also be used to make it much harder for a cyber attacker to disrupt operations. Attacks – once detected – can also be quickly quarantined to minimize disruption.

Too much observing, not enough action – the Cyber Security topic suffers from much examination and compounded hype, and war stories abound, BUT not enough is done to render & share pragmatic advice, hints, tips, checklists and initiatives that can be understood and executed by the top management of an organisation.

Collaborative approaches starting, but hard – shared intelligence is essential to get ahead of organized crime and complex cyber attacks. There are a few interesting examples of proactive collaboration (NATO’s Malware Information Sharing Platform, IBM’s X-Force Exchange) but these are politically (not technologically) hard to get off the ground. But they will become more essential and critical over time.

Agree, disagree, disinterested? I’d much appreciate an active debate on this topic! Contact me by leaving a comment, or via Twitter or LinkedIn!

 

Director - Blockchain | National Security - CTO Team Europe
