Homeland Security Today - October 2012 - (Page 6)
BY STEVEN K. HAWKINS
Cyberresiliency and Preparing for the Inevitable
Steven K. Hawkins Hawkins is vice president of information security solutions at Raytheon Co., Waltham, Mass.
TODAY’S CYBERTHREATS ARE SUFFICIENTLY ADVANCED TO JEOPARDIZE CRITICAL SYSTEMS AND EVEN THREATEN ACCESS TO BASIC STAPLES SUCH AS ELECTRICITY AND WATER.
ust as traditional military strategies must adapt to address the nature of today’s asymmetric battles, so too must cyberstrategists adapt to the changing nature of their own wars against determined enemies of undetermined capabilities and resources. US governmental agencies face cyberattacks on a daily basis, making cyberresiliency pivotal, not only for defending mission-critical information in today’s data-driven, networked era, but also for ensuring an organization can carry out its mission during a cyberevent. Many attacks against systems, by both hackers and malicious software, now begin with a foothold established through a known vulnerability in the target system and the software it is running. The scale and frequency of these attacks has significantly increased in recent years. According to the National Security Agency, there has been a recent 17-fold increase in cyberattacks against US infrastructure (as reported by The New York Times). Despite that alarming statistic, US Cyber Command tells us that on a scale of one to 10, the average American is about a three when it comes to preparedness for a largescale cyberattack.When it comes to protecting our systems, we need to do better. The cybersecurity industry has responded with an array of solutions designed to constantly monitor and protect against outside security threats. However, the evolution of today’s targeted threats has outpaced such perimeter-based solutions to the point where most largescale organizations have already been breached, and many don’t even know it. Gone are the days of lone, random attackers in search of the easiest and quickest cyber caper. Today’s attacks are as targeted and determined as they are advanced, which means they don’t stop until they find a way to achieve their objectives.
Stopping the barbarians at the gate is, of course, untenable once the enemy has gotten inside an organization’s networks and systems. That’s why an effective defensive strategy in today’s hyper-connected environment requires a systemic approach to resiliency, which ensures the ability to anticipate, withstand and recover from eventual attacks, while simultaneously adapting to reduce threats. An organization’s survival and continuity are dependent on the agility and flexibility of its cybersecurity strategies to combat these threats and easily integrate into current architecture and future systems. 6
October 2012 | Homeland Security Today Magazine
Building cyberresiliency is as much about an organization’s cyberprocesses as it is about technology; technology alone cannot deliver true cyberresiliency. This critical shift to a cyberresilient mindset requires security leaders to rethink cybersecurity from the ground up and to develop holistic solutions that effectively defend against the inevitability of attack and ensure continuity of operations. Beyond innovative technology, this approach calls for an advanced cyber talent pool with rounded skill sets and an evolved leadership. Every responsible large-scale organization needs to create a dynamic cyberresiliency plan if one isn’t already in place. Cyberresiliency is more than a good suggestion or best practice—it’s desperately needed if we’re to survive and thrive in a highly interconnected digital world. To that end, the Department of Homeland Security has offered some key practical steps. It urges organizations to identify key information and technology assets that support the mission; implement controls to protect those assets from harm; implement controls to sustain the ability of those assets to operate under stress and recover from disruptive events; develop processes to maintain and repeatedly carry out protection and sustainment activities; and develop appropriate measures to drive these activities. By following this set of strong recommendations, military and industrial organizations can go a long way toward ensuring the development of fresh, holistic solutions to effectively defend against the inevitability of attack and ensure mission continuity as it occurs. Any solutions aimed at achieving this goal must be fueled by innovative technology, an in-depth understanding of customer management practices and the establishment of enduring, dynamic partnerships. The ability to deliver on core requirements is essential to supporting a wide range of cybersecurity efforts. The following should top any list of core requirements: an elite cyber talent pool delivering on critical skill sets, strategic partnerships, proven organizational maturity, enterprise commitment and, finally, comprehensive mission management. Understanding and anticipating the dangers while carefully monitoring information systems and rapidly responding to attack are also critical to minimizing harm. The ultimate benefits of cyberresiliency include full integration of technology, capabilities and operations. It provides confidence in knowledge of external and internal threats and understanding of attack vectors. It also provides the ability to reconstitute infrastructure and maintain continuity of operations. These cyberabilities allow security leaders to combat these obstacles, allowing them to protect America’s most critical classified networks and its most important resource—the public. HST
Go online today for exclusive online content and eNewsletters
Table of Contents for the Digital Edition of Homeland Security Today - October 2012
Homeland Security Today - October 2012
Updates & Responses
Grants & Resources
Public Safety Today
Borders and Intel
Facing the Fiscal Cliff
Maps Move to the Forefront
Social Media and the New Surveillance
When Drones Go Rogue
Tools & Technology
Homeland Security Today - October 2012