Istanbul '09 Workshop
Cyber Resilience for Mission Success
The Honorable John G. Grimes
Mr. Robert Lentz
Our governments, societies, and economies depend on the unimpeded flow of information through cyberspace. Information is a catalyst for successful missions and enables greater opportunity for advancement through knowledge sharing.
We share threats and vulnerabilities, and together we face the cascading impacts of attacks on our shared cyberspace, including the critical information infrastructures that individuals, the private sector, and civil society depend on as much as governments do. But are we prepared to operate in contested cyber environments, and do we work together effectively on protection and defense, both nationally and internationally, and among public and private sectors?
I would like to talk about the critical information infrastructure that we share, dependencies on fragile underpinnings, collective threats we face, concepts for resilience, and considerations for potential trust- and confidence-building initiatives to address these challenges. My goal is to further develop discussions on lessons learned, share best practices, and facilitate opportunities between nations, both in the public and private sector, to contribute to cyber resilience for mission success.
DEPENDENCE ON FRAGILE UNDERPINNINGS
The overall security of a nation is dependent on the unimpeded use of cyberspace. One construct describes the capabilities of nations in terms of Diplomacy, Information, Military, and Economics, or “D.I.M.E.” The underlying Information and Communication Technologies (ICT) which facilitate collaboration are prerequisites for all four of these capabilities. ICTs depend on the underlying Critical Information Infrastructure (CII) to facilitate connectivity. In the United States, as well as in other developed nations, most critical infrastructure assets are owned and operated by the private sector.
Within the CII, there are complex interdependencies and cascading effects that are not fully recognized. For example, consider the growing interconnectivity between the internet and the electrical grid through Supervisory Control and Data Acquisition (SCADA) systems with Smart Grid technologies. This was done to deliver electricity from suppliers to consumers using digital technology to save energy and reduce cost, but it also greatly increases the consequence of a cyber attack, with unknown cascade effects.
Information and Communication Technologies and the supporting Critical Information Infrastructures are enabling capabilities that have a greater and broader value than the other three components of national missions. Our economic and national successes are linked through information capabilities and the fragile underpinnings we have created.
The ability to operate through adversity and recover quickly to a trusted environment or, put simply, the ability to be cyber resilient is paramount to national security.
INCREASING THREATS AND DEPENDENCE
Building on the previous discussion on dependence, let us briefly consider the growth of the cyberspace security threat. The increased complexity of our information infrastructures coupled with our growing dependence equates to lower entry barriers and an increased number of malicious actors in cyberspace.
The sophistication of most malicious actors is decreasing while the sophistication and number of attacks are increasing. While malicious actors required unparalleled skills in the early days of this type of activity, today’s technology has not only facilitated greater computing reliance, it has also exponentially lowered the entry barrier for potential malicious acts in cyberspace. The recent Conficker virus, as an example, demonstrated the potential impacts of automated threats. The end result is a tremendous and continuing growth in the number and depth of threat capabilities.
Sophisticated adversaries have the resources and capabilities to exploit our Information and Communication Technologies, impacting our ability to accomplish missions. Best efforts to keep the adversaries at bay may fail and they will succeed in degrading, denying, or manipulating the technology underpinnings. Together we must put in place the necessary insurance that allows our shared critical information infrastructures to:
- Operate through adversity
- Deflect attacks
- Restore trust when information has been manipulated
- Recover to a trusted state quickly
- Be prioritized to support essential missions
As we pointed out earlier, the ability to be cyber resilient is paramount to national security. Cyber resilience includes people, the physical environment (e.g., building networks, cables) and, importantly, the information and its enabling capabilities (e.g., Enterprise IT Services). To be resilient, all must work together to operate through and recover from sophisticated cyber attacks, and be flexible, adaptable, and trustworthy.
OPPORTUNITIES AND CONSIDERATIONS FOR NEXT STEPS
There are insufficient resources to protect and defend all aspects of our shared critical information infrastructure at all times from the growing and asymmetric threats. We must collectively share the responsibility for building resilient capabilities through protection and defense of the ICTs we depend on. When our best efforts in defense have failed, joint contributions towards recovery and reconstitution are key to ensuring that our most vital resource is there when we need it. Below are a few trust- and confidence-building initiatives that countries can take to cooperate bilaterally and multilaterally on cyber security matters:
- Improve defense-in-depth capabilities
- Improve Information Assurance and Computer Network Defense (CND) interoperability
- Share cyber situational awareness and early warning information
- Link watch center to watch center operations and exercises
- Ensure interoperability to protect and share CND/IA information
- Foster relationships with collective security institutions
Perhaps the most important step, and a good starting point to facilitate cooperation, is to conduct training exercises under realistic cyber scenarios. Militaries have a unique appreciation of the benefit of training and conducting exercises and are a good resource to begin dialog in this area to:
- Increase awareness of stakeholders regarding their interdependence on cyberspace
- Improve understanding of procedures that should be implemented
- Increase trust between all the players
As leaders from across the world, we must encourage the international community to be good stewards of our shared critical information infrastructure and to make cyberspace a safer place for our citizens, our businesses, and our national interests.