Cybersecurity Battlefield Strategy and Planning: “Trust But Verify”
“Trust but Verify”
These three words ring as true in today’s cybersecurity world as they did when Ronald Reagan first said them to Mikhail Gorbachev 30+ years ago at the close of the Cold War.
While COVID has rendered offices and meetings passé, we as a society have moved much of our communication, procurement, and general interaction to the internet. Zoom, Slack, Teams, and WeChat dominate, and people suddenly seem busier than ever. We have more to juggle today, and much of this is done remotely, channeled through our home communication systems. The implications of this for cyber are enormous: a new and unanticipated Pandora’s box has been opened, gifting cyber leaders with yet another point of vulnerability and access for nefarious actors to exploit. With mobile usage spiking 38% in March 2020 compared with March 2019 (https://www.statista.com/statistics/1106863/covid-19-daily-in-home-data-usage-change-us-2020/), home computers, tablets, and smartphones are now the conduits of commerce. Vulnerabilities proliferate while software developers and engineers are forced to play an interminable game of whack-a-mole.
What is the difference between tomorrow’s cybersecurity and IT leaders, and yesterday’s?
Today’s cyber leaders are more battle-tested than they were even six months ago, and this field testing is birthing a new generation of cyber leaders. The new generation of cyber warriors has quickly become more flexible and adaptable, and less tethered to ‘standard operating procedure’ and traditional approaches. They expect constant change and transition, and proactively seek out adversaries in the ether world. Similarly, today’s warfighter utilizes fifth-generation jets and drones that integrate ground, sea, and air activity in real time for situational awareness analysis, attack, and counterattack. This is the life of tomorrow’s cyber leaders – anticipating, probing, looking for the soft underbelly, and when necessary, attacking. The two cohorts fight in the same manner – learning, adapting, and often forming red teams to protect and defend against enemy activity.
…But Who is the Enemy?
The enemy is amorphous, hiding behind servers placed in less-regulated countries, deploying false flag operations, and continuously benefitting from technology developments. Technology companies further contribute to enemy capabilities by resisting calls for data sharing and device access, forcing law enforcement to leverage commercial solutions to track, chase, and very often, neutralize bad actors. Utilities, retail, online commerce, Industry 4.0, digital manufacturing, media, and transportation underpin our daily existence, and we depend on all these industries to mitigate – and eliminate – latency. Taking out any one of these industries can cause significant disruption and business impairment.
What is the Plan?
Cybersecurity executives’ dexterity is being tested at a time when IT staffs are working remotely from home offices and systems are under siege, with incessant phishing probes and creative attacks – many of which are followed up by ransomware and extortion. Contingency and backup planning are more important than ever. The COVID crisis has hammered home to the technology community that we should trust (employees, partners, service providers, and even employers), though we must consistently verify. The Gipper had it right that cold December day in 1987: “Trust, but Verify.” He could not have predicted, however, how prescient his rhyming Russian proverb (“Doveryai no Proveryai”) would indeed become.