AGC's 13th Annual West Coast Conference Book

Active Defense, Cyber Detection

Abstract: Organizations today are on the front lines of an undeclared cyber-war, targeted by hostile actors that seek to disturb their business activities, damage their infrastructure, and steal their intellectual property. While prevention may be possible, breaches do occur, and companies suffer costly ramifications as a result of outdated, constrained, or passive defense mechanisms. The time has come for organizations, working together with the government and law enforcement, to enhance their ability to counter such cyber threats using more proactive strategies and technical measures, such as active defense and cyber deception, to readily neutralize and potentially turn the tables on cyber attackers in real-time. Active defense in the context of cyber security has been the subject of fierce debate and misinterpreted in the media as “hacking back.” Active defense should be instead referred to as a range of potential countermeasures, including honeypots, beacons, or sinkholing malicious traffic. The use of active defense is built upon the premise that highly trained security personnel, operating within a secured and monitored architecture would be those best suited to neutralizing the adversaries. That being said, as many lack the skilled resources necessary, many corporations are too adolescent in their cyber strategy to implement, and thus realize the benefits of, an active defense strategy. In the interim, cyber deception is a game-changing, emerging technology that can allow organizations of all sizes to be more proactive when it comes to cyber threats, leading to cost savings and overall greater protection. Due to the ever-changing nature of the infosec and cyber crime landscape, cyber law, including active defense, is not well-defined. Thus, determining the best approach to develop active defense measures within a carefully defined legal and policy-based framework has become a crucial step for organizations, policymakers and law enforcement, and citizens.

Market Sizing / Growth:

• 73% of Americans consider cyberterrorism to be a critical threat to the United States (Gallup)

• Global spending on cyber defense products and services is projected to exceed $1T cumulatively over the next five years, from 2017 to 2021 (Cybersecurity Ventures)

• There is a severe cybersecurity workforce shortage, with a predicted shortfall of 1.5M cybersecurity professionals by 2019 (ISSA)

• More than three out of four respondents believe their government is not investing enough in building cybersecurity talent, and that cyber laws and regulations are insufficient (CSIS)

Discussion Topics:

• What is “active defense?”

• What types of corporations can afford an active defense strategy? Size? Sophistication? Industry?

• Is active defense the same or different from hacking back or counterstriking?

• What measures fall within the scope of active defense, and what are the benefits and risks of each?

• What measures may be appropriate to use by certain actors, and under what circumstances?

• By what means, if any, would the law support a defender who takes unconventional, active defense measures against an attack?

• How do you expect that the new leadership in the US will affect these policies?

• What is the role of the federal government in developing a framework and set of norms that can inform such actions?

• How should policy and law be updated to support active defense in a way that is consistent with the general public’s values and interests, and that can evolve as new technologies are developed?

• How do we move beyond the current policy stalemate of inaction vs hacking back, and develop appropriate and risk-driven policies for active defense?
