The rapidly changing cyber threat ecosystem presents many challenges to government and industry across all democratic countries. The growing requirements for situational awareness, protection, prevention, and recovery from cyber incidents are daunting. Cooperation among democratic countries, not only to share information but to collaboratively develop strategies and responses (both technological and policy), has become an imperative.
Because of expanding digital connectivity and the growing sophistication of cyber-attacks enabled by emerging technologies, a new paradigm is needed, one that addresses cybersecurity cooperatively. The global cybersecurity community’s posture must change from one of wait and react to one of being proactive and holistic. Being proactive means adopting a working Industry and Government Global Cybersecurity Cooperative Framework that would be both comprehensive and agile.
The future of cybersecurity will rely more on informed risk management. That requires an active strategy of detection, recognition, identification, response, and remediation of threats. Advances in predictive data analytics and diagnostics to index, provide network traffic analysis, and protect against further incursions are already becoming a growing area of concentration.
Technology development continues to evolve with the introduction of new innovations to address the cybersecurity framework that includes networks, payloads, endpoints, firewalls, anti-virus software, and encryption. This framework will provide for better resiliency and forensic analysis capabilities. Some newer areas of cybersecurity spending will be cloud, authentication, biometrics, mobility, and automation, including self-encrypting drives. Automation is an existing and future cybersecurity pathway. A closer partnership between governments and private sector industries could help produce tactical and long-term strategic cybersecurity solutions more quickly.
A potential global cooperative framework should include those measures for detection, encryption, authentication, biometrics, analytics, automated network security (via artificial intelligence and machine learning), virtualization, cloud, hybrid cloud, and a whole host of other topics related to cyber threats. It should apply the newly trending Zero Trust risk management model that identifies and authenticates every device and person connected to the network, and apply security by design, and defense in depth when required.
A global cooperative security framework that is to meet growing challenges needs to be both comprehensive and adaptive. Defined by the most basic elements in managed risk, security is composed of:
1) layered vigilance (intelligence, surveillance);
2) readiness (operational capabilities, visual command center, interdiction technologies);
3) resilience (coordinated response, mitigation, and recovery).
There are numerous resources to enable a framework. The National Institute of Standards and Technology (NIST) has developed standards for industry-specific cyber frameworks that can be incorporated into a working global cybersecurity cooperative framework. The White House executive order mandating zero trust architectures for all governmental entities provides good detail on Zero Trust and pathways forward.
Specifically, a possible global cooperative framework of priorities should include:
Industry and Government Priorities:
- Defining and monitoring the threat landscape
- Risk management (identifying, assessing, and responding to threats, i.e., the NIST Framework: Identify, Protect, Detect, Respond, Recover)
- Protecting critical infrastructure through rapid prototyping of technologies and public/private cooperation
- Modernizing security architectures:
- Better encryption and biometrics
- Automated network-security correcting systems (self-encrypting drives)
- Technologies for “real time” horizon scanning and monitoring of networks
- Access Management and Control
- Endpoint and Edge protection
- Diagnostics, data analytics, and forensics (network traffic analysis, payload analysis, and endpoint behavior analysis)
- Advanced defense for framework layers (network, payload, endpoint, firewalls, and anti-virus)
- Enterprise and client network isolation to protect against malware, botnets, and insider threats
Emerging Technology Areas:
Internet of Things (society on a new verge of exponential interconnectivity)
- Wearables
- Drones and Robots
- Artificial intelligence and Machine learning
- Augmented and Virtual Reality
- Quantum and Super Computing
- Smart Cities
- 5G
- Connected transportation
- Nanotechnologies and new materials conductivity, neuromorphic chips
- System interdependencies: monitoring and protecting the supply chain
- Wireless mobility: banking, payments, commerce, health, entertainment. Tokens, biometrics, and chip cards can be used for identity management
Currently, there are few established international norms to collectively combat cybercrime against critical infrastructures on a global scale. There is a need to include governments and industries to discuss scenarios and establish protocols for policy and action regarding the evolving threat matrix and the potential spiraling effects of cybersecurity incidents.
The United States has made a concerted effort in recent years to establish allied cybersecurity alliances that include information sharing and technological development. Some of these bilateral efforts include creating advanced working partnerships with the UK, Israel, India, Canada, Germany, Estonia, and others. Such allied cooperation needs to be expanded and enhanced. It is smart to utilize the collective talent and research and development arms of allied countries. Embracing Global Public/Private Cybersecurity Alliances and establishing a Global Cybersecurity Cooperative Framework is a positive step in making us all safer.
Chuck Brooks, President of Brooks Consulting International, is a globally recognized thought leader and subject matter expert in Cybersecurity and Emerging Technologies. Chuck is also Adjunct Faculty at Georgetown University’s Graduate Applied Intelligence Program and the Graduate Cybersecurity Programs, where he teaches courses on risk management, homeland security, and cybersecurity. LinkedIn named Chuck as one of “The Top 5 Tech People to Follow on LinkedIn.” He was named as one of the world’s “10 Best Cyber Security and Technology Experts” by Best Rated, as a “Top 50 Global Influencer in Risk, Compliance,” by Thomson Reuters, “Best of The World in Security” by CISO Platform, and by IFSEC and Thinkers 360 as the “#2 Global Cybersecurity Influencer.” He was featured in the 2020, 2021, and 2022 Onalytica “Who’s Who in Cybersecurity” as one of the top influencers for cybersecurity. He was also named one of the Top 5 Executives to Follow on Cybersecurity by Executive Mosaic. He is also a Cybersecurity Expert for “The Network” at the Washington Post, Visiting Editor at Homeland Security Today, Expert for Executive Mosaic/GovCon, and a Contributor to FORBES. He has an MA in International Relations from the University of Chicago, a BA in Political Science from DePauw University, and a Certificate in International Law from The Hague Academy of International Law.