June 2, 2015 | Written by: John Palfreyman
Categorized: Defence & Intelligence
On the 20th May I had the pleasure of moderating a Cyber Security panel at our 13th SPADE Defence Client Conference in the Hague, Netherlands. I was joined on the panel by representatives from NATO Communication & Information Agency, Emerging Security Challenges Division and Industry – both large (IBM) and small (SolPas LLC). Following a short presentation by each panel member, we enjoyed a vibrant discussion session with the audience. This blog post is a short non-attributable synopsis of proceedings.
Since the vast majority of information systems are designed, owned, and operated by the private sector it is essential that NATO collaborate closely with industry on all matters Cyber. NATO ’s commitment to partnering with industry is included in their Enhanced Policy on Cyber Defence endorsed at the Wales Summit in September 2014. The NATO Industry Cyber Partnership (NICP) is the primary implementation vehicle and a broad range of activities are in progress, realising that a “one size fits all” approach will not work. NICP is expected to evolve over time in response to feedback from industry and changes in the threat and technology landscape.
Practical steps include the formation of a joint (NATO, Academia & Industry) cyber-incubator – an open and dynamic melting pot for ideas, concepts and demonstration of the use of emerging cyber security technologies in NATO. The incubator is also seen as a way of augmenting the operational knowledge of researchers in industry and academia and ensuring efficiency of procurement to get the best possible results whilst conforming with NATO’s rules and regulations. Early cyber-incubator projects include the secure development of mobile applications and the specific security requirements of interoperability within federated mission networks.
Industry explained that organisations need to take a systems-based defensive approach focusing on interoperability, trustworthiness and critical infrastructure protection rather than exploitation of Cyber fear. The “Power of Simple” can enforcing strong cyber-policy and best practices without complicating the user experience thus eliminating unintentional but compromising mishaps.
The constant evolution of technology and information platforms (such as Cloud and Internet of Things) will continue to challenge the industry and create new cyber vulnerabilities. IBM’s containment approach is best illustrated by the disease control analogy. No matter how much care is taken in defensive measures, one should assume that a breach will occur. Hence it’s vital to instrument an organisation’s information technology infrastructure so that the breach can be rapidly detected, quarantined and neutralised. It’s then important to learn from, and share the results of the incident.
Successful containment needs an intelligent balance between technology and “human” issues including leadership, culture, education & process. It’s also critically dependent on Cyber Security Intelligence derived from analysing the massive amounts of available data.
So Weaponised Cyber as a Service? Two panel questions related to this controversial topic. One asked what aggressive countermeasures are available in NATO policy to deter cyber terrorists. The other asked what active measures could be taken against an international terrorist’s web site. The NATO panel members pointed out that NATO’s policy was strictly defensive, but member nations may decide to take a different posture. A panel member stated that Cyber “services for hire” are available on the internet, which could be targeted at any actor / state if the price is right! Interesting times indeed!