The national security environment has evolved over the years but is often grounded in assumptions, such as centralized command and control, government to government interaction, and information classification requirements, which are not always effective in the decentralized environment that owns, operates and uses our nation’s communications and information environment.
Additionally, this construct doesn’t consider the interdependence between government and non-government organizations. Let’s consider, for example, the Internal Revenue Service (IRS). Even if we completely secure IRS systems so that they are 100% impenetrable to attack, revenue that the IRS collects can still be placed at risk by attacking the systems of large private sector tax preparers.
Finally, this construct can assume that security challenges are primarily addressed by the government acting alone. During the Cold War, when many elements of our modern national security infrastructure were developed, the job of protecting our nation was assumed to be primarily the province of military and intelligence agencies.
Given the decentralized environment surrounding communications and information infrastructure, there are many players in this game who are not part of the traditional national security environment, and whose engagement and expertise must be brought to bear. Thus, it is essential to acknowledge the diversity of the players and to shift from a perspective that is primarily focused on government action, which is historically rooted in a command and control model, to one that is more focused on tailored engagement and collaboration across a broader set of public and private organizations and citizens.
- How do you expect cyber threats to evolve in the next decade? What kind of impact will that bring?
I expect they will increase both in terms of frequency and of sophistication. I see the interconnectedness of IT as the number one challenge individuals, companies, and governments will face in the next decade. I predict the threats will drive completely new business models. I liken the evolution of cyberspace in the next ten years to the ways the interstate systems completely changed the way countries do business; it will bring opportunities and changes to the way we live, work, and play. The threats that will result from the expansion of IT in our lives will also change. Much like security, safety, governance and business opportunities that had to change along with the exponential growth of our infrastructure, threats and will opportunities evolve with the expansion of our cyber ecosystem.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.