Obama's cyber czar: 'We're making the security problem harder'
IT and infosec pros grapple with the question continuously: Just how bad is the cyberthreat landscape right now?
“It’s serious — it’s getting worse and it’s getting worse in a number of ways,” former White House Cybersecurity Coordinator Michael Daniel said. “We are making the problem harder and bigger.”
For one, between five and 10 million new devices connect to the internet every single day, and those heterogeneous systems are more complex than desktops and laptops alone: they include mHealth tools, Fitbits, refrigerators, cars, light bulbs and Internet of Things devices and apps.
The second factor is that individuals and organizations have become so reliant on digital technologies that disruptions once considered a mere nuisance can now trigger critical stoppages in business, government and people’s lives, with enormous impact.
Daniel, who is now president of the Cyber Threat Alliance, offered a third way the cybersecurity problem is getting worse: More adversaries, such as organized crime, nation states and increasingly sophisticated hackers, are discovering that they can effectively pursue their interests through cyberspace, so malicious actors are increasingly willing to take more serious action and are doing so more often.
“When you combine those trends, you get a pretty grim picture of the direction of the threat,” Daniel added. “Cyberspace is the only environment where there is more of it on a daily basis. Land, sea and air are not expanding on a daily basis but cyberspace is.”
Acceptance: A big improvement
When Daniel took the job at the White House in 2012, just convincing people that cybersecurity was a real issue they must pay attention to was a major challenge.
“I don’t have that problem anymore,” Daniel said. “We’ve made a big improvement over the last five to six years: the leap to everybody accepting cybersecurity as a serious issue they need to deal with.”
Instilling that realization in government officials as well as private sector and other leaders enabled a broad swath of entities to put institutions and capabilities in place to address the threat.
And the real challenge now, Daniel added, is to determine how best to make use of the available tools to protect ourselves and disrupt what the bad guys are doing.
“That will not just involve a technical solution, it will involve changing mindset, organizational approaches and activities as well as implementing tech solutions,” Daniel said. “There will not be a simple answer that fixes all of the problems.”
Trump’s cybersecurity continuity
Whether or not President Donald Trump’s policy plays will advance or inhibit former President Barack Obama’s cybersecurity work remains to be seen, of course.
“It’s still pretty early in the administration as these things go but the people they have brought in like Rob Joyce in the White House, Chris Krebs over at DHS and Jeanette Manfra they appointed to a position there, they’ve put in some really good people,” Daniel said. “If you look at the kinds of things they’re doing, it’s building on the work we were doing in the Obama administration, they’ve been continuing the right kinds of activities.”
The Obama administration, for instance, focused on defending against cyberthreats that would result in catastrophic damage to U.S. national security, economic security or confidence in the federal government, he said.
“In many ways that will continue because a lot of what we were pursuing were middle of the road, nonpartisan, voluntary and non-regulatory approaches to dealing with critical infrastructure,” Daniel explained. “I can’t see this administration going in a different direction. Because of that fact I think a lot of what we did will be continued.”
What cybersecurity needs most
New cyberthreats and attacks are emerging quickly and almost constantly. Ransomware, ransomworms and wiper malware in the form of WannaCry, Petya and NotPetya are merely the summer’s scariest instances.
“These kinds of trends are not going to go away. Hospitals and other parts of the medical system are going to have to adapt to this new environment where they are indeed targets,” Daniel said.
That means focusing on risk management and intelligence sharing. Instead of thinking they can eliminate or avoid threats, Daniel recommended hospital executives and infosec pros shift their mindset to managing cyber risk the same way they manage the risk of potentially dealing with natural disasters or legal issues. Looking at what steps you can take to reduce risk over both the short and long term, in fact, is a much more fruitful way of thinking about cybersecurity.
“The private sector can work on our ability to really do information sharing at speed and at scale in a way that will actually make everybody better off,” Daniel said. “Working out how we collaborate with government, not just the U.S. but governments all around the world, is going to be critical to moving forward. I believed that when I was in the White House and now I’m following up on that working at the Cyber Threat Alliance.”
Daniel will be keynoting the HIMSS Healthcare Security Forum in Boston, Sept. 11-13.