Dispelling the Top Ten Myths of Cybersecurity and Other Stories – ICD Brief 81.

by ICD Posted on April 8, 2018

ICD Brief 81.

02.04.2018.-08.04.2018.

 

I had the pleasure of hearing ICD colleague Dmitri Alperovitch’s cyber lecture Dispelling the Top 10 Myths of Cybersecurity [YouTube 8:05-1:06:18] at the New York University Tandon School of Engineering late last month. At 37, Alperovitch, Co-Founder and CTO of the cyber security firm CROWDSTRIKE, is acknowledged as one of the world’s top technical and articulate cyber security leaders.

Here They are:

  1. Attribution is Impossible in Cyberspace 13:00
  2. I don’t have anything worth valuable to steal 21:00
  3. It’s all about critical Infrastructure 24:00
  4. Information Sharing is the answer 26:00
  5. Cyber Tool proliferation is inevitable 27:33
  6. This is a solvable problem 30:00
  7. Offense is easy 31:00
  8. Cyber attacks are done at the speed of light 32:00
  9. It’s all about keeping the enemy out 35:00
  10. It is hopeless 40:00

Noteworthy updates:

USA

The Department of Cyber?

“Policymakers and members of Congress have increasingly called for a “whole of government” response to cybersecurity threats, including foreign election meddling and critical infrastructure protection, and a formal, unified cyber doctrine to govern U.S. policy.”

In Army’s Newest Unit, Everyone Learns Cyber Skills

“Prior to its deployment to Afghanistan, the Army’s newest unit received special assistance in cyber and electronic warfare techniques. The 1st Security Force Assistance Brigade, or SFAB, is a first of its kind specialized group designed solely to advise and assist local, indigenous forces. As such, these units need specialized equipment and received training from Army Cyber Command on offensive and defensive cyber operations, as well as electronic warfare and information operations, Army Cyber Command commander Lt. Gen. Paul Nakasone wrote in prepared testimony before the Senate Armed Services Cyber Subcommittee in early March.”

US Bank Teams Up with Plug and Play to Increase Cybersecurity Innovation

Plug and Play announced on Friday that U.S. Bank (USB) has joined its Cybersecurity Innovation Platform as it prepares to kick off its first cohort. According to the hub, through this expanded partnership, U.S. Bank will engage with leading entrepreneurs in the Cybersecurity and Fintech sectors to further accelerate its innovation efforts. While sharing details about the new collaboration, David Johnson, security innovation lead at U.S. Bank, stated:”

Australia

AU$140m Cybersecurity Research Centre Opens in Western Australia

“Australia’s Cyber Security Cooperative Research Centre (CRC) has on Thursday opened in the country’s west, aimed at growing national capability in cybersecurity research, development, and commercialisation.”

Bulgaria

Bulgaria Joins NATO Cybersecurity Initiative

“The government’s press centre released information that the government has approved the Ministry of Defense to join two NATO memorandums, signed in 2008, for the organization, creation, and functionality of the NATO Cooperative Cyber Defence Centre of Excellence.”

China

With Trade War Looming, Chinese Cyberespionage May Return

“With the prospect of a trade war on the horizon between U.S. and China, cybersecurity and policy experts say government-backed cyberattacks between the two countries may spike after years of calm. For the last two weeks, Chinese and U.S. government officials have been sparring over the potential creation of tariffs, which would place a tax on foreign exports coming into America.”

Estonia

From AI to Russia, Here’s How Estonia’s President Is Planning for the Future

“AT 48 YEARS old, Kersti Kaljulaid is Estonia’s youngest president ever, and its first female president. “

“Known for its digital government, tax, and medical systems, Estonia is planning for the future. The country’s “e-resident” program—which allows global citizens to obtain a government-issued ID card and set up remotely-operated businesses in Estonia—has attracted 35,000 people since 2014. Now the government is discussing a proposal to grant some rights to artificially intelligent systems. The law could make it easier to regulate decision-making by autonomous systems, robots, or driverless cars.”

Germany

Bundeswehr Cybersecurity Center Trains Elite Counterhackers

“A year ago the German armed forces set up a command center for internet security. The new German hacker-soldier elite is being trained at the Bundeswehr University, on the outskirts of Munich.”

India

Govt Sets Up Cyber Coordination Centre to Address Cybersecurity Threats

“The government has set up a National Cyber Coordination Centre (NCCC) to address various kinds of cyber security threats, including threats arising from misuse of social media, the Rajya Sabha was informed on Wednesday.”

How Indian Police Is Being Trained to Tackle Cybercrime sic

“Personnel from nearly 1,000 police stations in Karnataka will be trained to handle cybercrime as the state plans one cybercrime station per district by 2019.  “We are starting from zero,” Praveen Sood, director-general of police (CID), who has begun an intensive two-stage training programme on how to deal with hacking, online harassment, credit/debit card fraud, data theft etc, for ranks till the level of constable. He maintains that training personnel remains the challenge when it comes.”

Iran

Iran Hit by Global Cyber Attack that Left US Flag on Screens

“Hackers have attacked networks in a number of countries including data centres in Iran where they left the image of a U.S. flag on screens along with a warning “Don’t mess with our elections”, the Iranian IT ministry said on Saturday.”

Japan

What’s Behind the New Japan-ASEAN Cyber Center?

“Last week, Thai officials disclosed more details about the future direction of a new Japan-ASEAN cyber center. Though this is just one of a series of efforts being undertaken to address cyber challenges by Southeast Asian states and their partners and many of these specifics had already been announced late last year, it is nonetheless testament to the inroads being made as well as the increased regional emphasis on this important realm.”

Netherlands

Can This ‘National DDoS Radar’ Plan Help Fight Off Attacks on Dutch Critical Systems?

“A team of cybersecurity researchers has come up with a proposal to help the Netherlands ward off the threat of distributed denial-of-service (DDoS) attacks.

Their concept is to create a “national DDoS radar system” that could, in extreme cases, see Dutch networks disconnected from the outside world.”

Slovakia

Slovakia Tops Cybersecurity Index

“Slovakia occupies the first rank on the global National Cyber Security Index(NCSI), with 80.52 points, according to the Estonian e-Governance Academy Foundation (EGA) NGO, which drafts the index.”

UN

Estonian Minister: UN Peacekeepers Vulnerable to Cyber Attacks

“Estonia’s Minister of Defense Juri Luik met in New York on Friday with Jean-Pierre Lacroix, United Nations under-secretary-general for peacekeeping operations, and Miroslav Jenca, UN assistant secretary-general for political affairs, as well as took part in a meeting of major troop-contributing nations to UN peacekeeping operations where he raised the topic of cyber security.”

Feature

Cybersecurity in Sino-American Relations

By: Marie Baezner for ETH Zurich, Center for Security Studies (CSS)

“In this article, Marie Baezner describes how tensions built up between China and the US owing to the two powers conducting cyberespionage campaigns against each other, and how Washington and Beijing sought to ease this situation through a bilateral agreement in 2015. Baezner also looks at 1) the successes and limitations of the 2015 agreement; and 2) how internet governance and the possibility of the application of anti-access/area-denial (A2/AD) in cyberspace continue to cause disagreement between the US and China.”

 

This entry was posted in Weekly Brief. Bookmark the permalink.

Comments are closed.