Hundreds of business professionals and cyber security experts gathered for the 14th annual State of Technology Cyber Security Summit hosted by the Dallas Regional Chamber at the Sheraton Hotel in Dallas on Veterans Day, Nov. 11.
The event educated business leaders about cyber attacks and cyber crime. Among the summits’ cadre of impressive speakers was Secretary Gordon England. England served as the Secretary of the Navy, the 29th Deputy Secretary of Defense and the first Deputy Secretary of the Department of Homeland Security.
“This summit addresses what I call the most insidious technology threat to our economy, our infrastructure and our national security,” England said. “It has been said that 9/11 was the only attack on American soil since the war of 1812, but of course we know the American government, companies, infrastructure and financial firms are attacked on our soil everyday. While we can’t see it, feel it or touch it, cyber is real, and it’s a danger to our economic health.
“Through my time in the Pentagon, it was reported to me that the [Department of Defense] networks were attacked on average every eight seconds. Unfortunately, it is cheaper and easier to attack a network than to defend it. Therefore, cyberspace is rife with opportunists, attacking every facet of modern life, each for different objectives. For some it’s only fun, but for most it’s about profit, stealing knowledge and creating damage,” he said.
“My personal view is that cyber will need to move from the discreet development of unique security technology to much more highly integrated and automated response systems,” England said. “Looking ahead, due to the spectrum of damage that a cyber attack can impose on an adversary’s infrastructure, defenders must be able to, not just to detect an attack, but to sense an attack and to maintain operations while under attack, either by temporarily shutting down systems or going into alternate modes of operation. All of this must be initiated within micro or nanoseconds, employing fully automated systems.”
England highlighted the cyber defense technologies developed in other countries.
“Nation-state cyber technology on the attack side is already very sophisticated and has been deployed by many countries,” England said. “The Chinese information-operation cyber units have been fully integrated with their electronic warfare units, and they term this ‘the fifth battlefield.’ As you know, it’s in the press all of the time, Russia has been very active in several countries working to penetrate and corrupt the cyber systems in those countries.”
England discussed the importance of back up systems in case of a cyber attack.
“When I was Secretary of the Navy, I used to say that the Navy needed to maintain proficiency with signal flags, and arts such as celestial navigation as a back up to a cyber attack, because frankly, we have lost all of those skills. Nowadays, if you get shut down, we no longer have the arts and skills to go back to more rudimentary, but effective systems.
“Small companies still have a big role. While the complexities of cyber tend to require big systems, innovation is still largely occurring from what I call ‘big-brains in small company environments,’” he said.
Human interaction continues to play a part in cyber crime.
“We need to be mindful that human interaction will continue to be an important adjunct to cyber systems,” England said. “The human exfiltration of data and injection of damaging software can override an embedded cyber security measures. Edward Snowden, a former NSA contractor, is well known for [his] exfiltration and publication of classified U.S. military intel and diplomatic documents.
“I often wonder how much classified and proprietary data is exfiltrated on a disk or some other highly dense storage device that was inadvertently compromised or deliberately sold by employees for profit.”
In closing, England discussed the need for a technologically skilled workforce.
“My message of cyber defense is necessary but not sufficient. We need to be mindful that the U.S. can no longer compete long term in a cyber security area while being ranked 26th in the world in science, technology, engineering and math. Cyber is a highly technical field and being 26th in the world is not going to cut it,” he said.