How to gain strategic advantage over cyber threats

We need to leapfrog the global state of the security industry and create the next generation of security products to achieve strategic cyber advantage, writes Kevin Coleman of the Technolytics Institute.

The United States is in a difficult position. The continuous advancement of cyber threats and the frequency of attacks have combined to create one of the greatest challenges to the United States in decades. Many industry leaders and government officials believe we need to step up our efforts to deal with the threats and challenges of the 21st century.

The major challenges include acts of cyber aggression that can threaten our international competitiveness and economic recovery. Military leaders, government officials and business executives are searching for the answers to these complex issues.

For example, according to Panda Labs, in 2009, there were more than 25 million new strains of malware. That means a new computer virus, worm, Trojan horse, spyware, dishonest adware, crimeware, rootkit, or other malicious and unwanted software is created every 1.26 seconds. The magnitude of malware release overwhelms traditional signature-based security products. The critical need to deal with these threats and challenges rapidly requires a strategic approach rather than the tactical approach that we continue to apply to this problem set.

To achieve strategic advantage, we need to do much more than enhance the function and feature sets of our current and near-term security products. We need to leapfrog the global state of the security industry and create the next generation of security products, and for that, we need the CIA:

Creativity + Innovation + Assurance = Strategic Advantage

We need to apply creative thinking to the problem set associated with defending our cyber systems as well as the regulations governing this space. The computer security industry must not only out-innovate our competitors but also outsmart the criminals, terrorists and rogue nations that relentlessly attack and test our security defenses.

Specifically, we need strategic cybersecurity initiatives that would:

  • Move to a dynamic digital defense model.
  • Establish an enduring, futuristic security framework.
  • Implement continuous security awareness education.
  • Create behavior-based threat identification and mitigation.
  • Apply near-real-time disruptive capabilities for in-progress cyberattacks.

The current level of information security does not get us where we need to be. As one security professional told me, “Right now, we are struggling to keep our heads above water, we don’t need to change what we’re doing, just how we are going about doing it.”

Assurance is key. Rapid advancement in both methods and techniques used to secure our systems is the only way we can get ahead of the continuously changing cybersecurity threatscape. The trickery that has been seen in recent attacks has risen to levels not seen before, especially when it comes to phishing attacks. The current state of the art in cyberattacks shows highly targeted attacks based on in-depth analysis of targets and custom design of the cyber weapons, along with formal testing and analysis of the effectiveness of the design in the specific target environment.

Perhaps the most troubling aspect of this threat environment is whether our doctrine-driven military and intelligence operations, given their rigid nature, will be able to think outside the box when responding to acts of cyber aggression by our enemies.

Has the limited cyber doctrine developed to date tied the hands of our cyber soldiers? No one knows for sure given that many, if not most, of these documents are classified.

Will our cyber military and cyber intelligence community find themselves looking to outside contract resources for the answers? That is not as far-fetched an idea as it might seem. Last year I was asked if I would consider being the leader of a new start-up that they said would be the Blackwater of the cyber warfare and weaponry space.

One thing is certain: we need to be at the top of our game when it comes to cybersecurity.