Four of the major issues underlying any future U.S. national cybersecurity policy are increased foreign surveillance, upgrading of our federal information systems technologies, reducing our informational deficit, and actively promoting education.
The administration’s executive order on cybersecurity was delayed in part because it appears now that President Donald Trump will likely push for an end to the Obama administration’s cautious and lawyer-like attempts to balance privacy and national security. It also contained knee-jerk response initiatives that would have created additional major distractions.
Given his consistency on fighting terrorism, a reversal of the foreign surveillance provision in the law that is set to expire at year’s end can be expected, along with an aggressive reauthorization to allow unfettered inspection and scrutiny into international communications. This, like most of his executive orders to date, is simply another return to conventional law enforcement and traditional counter-espionage tactics that have always been common in times of war.
Oh, did I fail to mention that we are at war? It didn’t start yesterday.
One issue that has garnered too much attention is the campaign to require equipment and software manufacturers like Google and Apple to cooperate with the federal government by building encrypted back doors into their products that would allow law enforcement agencies to access them for the purpose of uncovering inculpatory physical evidence associated with a particular crime.
This is a classic slippery slope related to privacy issues, but it is also a naive attempt to outwit or deceive cyber-criminals who are notoriously hard to outwit. Encryption back doors in devices will present a challenge that even lesser-skilled hackers can easily overcome, and it is even more troubling that an uninformed Congress is considering legislation that will force companies to create these paper defenses.
It would be more productive for the administration to focus instead on the modernization of the government’s IT systems so that they can defend against today’s style of cyberattacks and on an overarching cooperation among agencies that would result in every one of them applying the same set of active defenses. These steps are uncontroversial and would go a lot further toward combating cyberterror than fighting legal privacy wars would.
An active defense is also in step with an increased counter-espionage strategy, in that we could begin attacking the sources of black market malware that are commonly used to launch these attacks. The OPM hack was the result of an unsophisticated malware strain obtained on the dark web that was able to penetrate a 12-year-old perimeter defense technology. Our attackers know far too much about us compared with how little we know about our attackers. Gaining a counter-espionage advantage will be essential to winning these battles.
Bringing all of the federal agencies current with the same technology would not only allow the application of advanced artificial intelligence, behavioral analytics, and machine-learning software technologies, but it would also help prevent, protect, and defend all of our varying information asset classes across all government departments. Today, one of our key exposures is a single vulnerability in a given agency that will easily allow penetration and propagation through all stored government data, regardless of which department. Once inside one network, you’re inside all of them.
In addition, a broad modernization would automate many of the information sharing challenges that exist today as the result of the current disparate legacy systems and enable the sharing of critical cyberthreat information across all departments and agencies that will lead to an improved federal cyberdefense posture.
Education is critical to our future ability to prevail in the growing cyberwar as our enemies have been engaged in widespread cybersecurity training and education programs for years.
Many of these participants have tens of thousands of students enrolled in advanced cyber hacking programs where they are learning the latest technologies and weapon construction techniques, while here in the U.S., there are only a small handful of colleges offering cybersecurity degrees.
And these foreign programs don’t just demand excellent computer skills for entry. They also require written and oral fluency in the English language. With 1.5 million unfilled cybersecurity analyst jobs in the U.S., the imbalance is startling.
Going after these sources of malware, developing an actual informational advantage over our enemies, building modern active defenses into our information systems and promoting educational programs that can address the supply side deficit would be good first steps in disrupting the current attacker-defender dynamic.
We should applaud Trump for his cautious reconsideration of an executive order that may have raised more problems than it solved and hope that the new cybersecurity policy will contain the muscle necessary to do what needs to be done. Unless we level the playing field and gain a competitive advantage, we will keep perpetuating this recipe for failure. I think competitive advantage is in Trump’s DNA.
Steve King is the COO and CTO of Netswitch Technology Management.