Upload
jarno-limnell
View
314
Download
0
Embed Size (px)
Citation preview
Strategic Trends in Cybersecurity – and Security
Jarno LimnéllProfessor, Cybersecurity, Aalto UniversityAdjunct Professor, Tampere University of TechnologyVP, Cybersecurity, Insta Group Ltd.Doctor of Military Science@JarnoLim
Security is an Enabler
Five Strategic Trends in Cybersecurity
The human source is the most valuable resource in
cybersecurity and the value of talented individuals is increasing.
“If you’re interested in the opportunity to make a difference in defending your nation, if you’re interested
in the opportunity to work with a bunch of motivated men and women...”
Russian Defense Minister Sergey Shoigu: Ministry had started a “big headhunt.”
Alternative to prison Russia sometimes offer to hackers convicted
of cybercrimes working for FSB
MIT Technology Review Custom conducted an online survey of IT and business executives and managers across a broad range of industries in February 2016.
The most valuable skills for cybersecurity career in next years may not be a focus in
specific technology, but ability to understand the big picture as
strategic thinkers.
Trend 1:Cyber arms race for
talented people.
“An artificial intelligence president could be truly altruistic. It wouldn’t be susceptible to lobbyists,
special interest groups or personal desires.”
Smart = Exploitable, Vulnerable
Security by Design
The Culture of Responsibility
…weapons that can identify targets and make decisions.”
Can a machine be trusted with lethal force?
Advances in technology pose difficult moral questions for humanity.
It is not clear who is responsible for providing answers.
The ethical implications,
The importance of Digital Ethics
We also need considerwhat better not to digitize.
How much control of our lives do we want to give over to machines
– and to the corporations that build and operate them?
Trend 2:The new era in
technology needs strong emphasis on ethics,
integral part of security.
“Cyberattack on German steel plant caused significant damage”
KINETIC CYBER
“A cyber attack on the French television network TV5 Monde”
FALSE FLAG ATTACKS
“The Dukes: 7 Years of Russian Cyber-Espionage”
STRATEGIC CYBER ESPIONAGE “Hackers breach the Warsaw Stock Exchange”
CRITICAL INFRASTRUCTURE
States are testing the boundaries of the cyberbattlefield.
according to new details from an extensive
investigation into the hack, they were
skilled and stealthy strategists who
carefully planned their assault over many
months, first doing reconnaissance to
study the networks and siphon operator
credentials, then launching a synchronized
assault in a well
Coordinated December 2015 attack on the Ukrainian electrical grid was clearly an attack on critical national infrastructure.
Cybersabotage emerging
Cyber component in all wars and crisis
New ways to utilize cyberspace appearing fast.What next is the real question.
Increasing importance to understand cyberspace as a political domain.
Issues related to cyberspace and its uses have vaulted into the highest realm of high politics.
“Proportional response”
Cyber operations suit well to the political-military hybrid environment
The adversary is usually difficult to locate
Less political risks, cyberpolitics on early stage
Cyber op´s in international law still a grey area
Often conducted by non-state actors, deniability
The role of non-kinetic actions in today´s war
Jarno Limnéll
GU
IDA
NC
E
POLITICS
Cyber should not be separated from the political and strategic context.
Trend 3:The world is moving towards a
greater strategic use of cyber capabilities.
Cyberpolitics needed.
New Normal in Security:
Speed of ChangeUnpredictable Instability
Digital-Physical Integration
How to integratecybersecurity to security.
Imp
act
Likelihood
There are relatively few “cyber only” operations
Trend 4:The line between
physical and digital security is blurring.
TODAY WE CONCENTRATE TOO MUCH WHAT WE KNOW AND OBSERVE.
WE SHOULD THINK MORE CYBER METHODS WHICH HAVE NOT BEEN USED YET – OR
WHICH WE DO NOT EVEN KNOW.
Trend 5:
?
[email protected]: @JarnoLim