Atlanta has taken pains to introduce itself to the world as both a global city and a cybersecurity hub; the recent World Trade Day event wove those themes together during its fourth annual conference.
The World Trade Center Atlanta’s all-day summit June 24 blended broad geopolitical issues with specific strategies for defending against attacks in cyberspace during an event itself held on a new platform designed to foster interaction among virtual attendees.
Diplomats from the United Kingdom, Brazil, Liberia and Israel, along with commercial representatives from Hong Kong, described the challenges of engagement in a world derailed by a pandemic, while practitioners in both the military and civilian space described the challenges of cyber defense and prescribed available solutions.
Keynote speaker Lt. Col. Thomas Nelson showcased one of Georgia’s foremost cyber assets: the U.S. Army Cyber Command, which has already begun to spur private-sector activity in advance of its official opening next year at Fort Gordon in Augusta.
Mr. Nelson, who heads up the command’s Cyber Tactical Operations Center, demurred when asked to specify which countries pose the biggest threats to U.S. cybersecurity, but he outlined how the Army has gone from “being a reactive force to one that is proactive” to neutralize threats on an ever-changing global battlefield where the traditional advantages are blunted by the low barriers to entry.
Amid the pandemic, he said, there has been a “historic increase in the attack surface” with the normalization of remote work and virtual events.
Online, fortune favors those that make use of their capabilities, he said, citing a recent interview given by Paul Nakasone, commander of U.S. Cyber Command, director of the National Security Agency, and chief of the Central Security Service:
“Superiority in cyberspace is temporary. We may achieve it for period, but it’s ephemeral. That’s why we must continually operate to seize the initiative and maintain that initiative in the face of persistent threats.”
The cyber center is engaged in defending weapons systems, data and critical infrastructure at a time when hackers — either state-sanctioned or not — are operating at a level just below the threshold of armed conflict.
“We can see the adversaries are continuing to try and push that line,” he said.
That has necessitated a sustained response, partnering with allies where possible and also forging partnerships with the academia, government and private sector to shore up defenses and stay ahead of the latest threats.
Harri Hursti, founding partner of Nordic Innovation Labs and an afternoon keynote speaker, said most companies fool themselves into thinking that they understand the enemy.
“Your are thinking as you would like your enemy to think. The enemy has a very bad habit of not agreeing with you how they are supposed to be thinking and behaving,” he said.
Critical thinking — not brainstorming on a whim but having a structured way of getting away from your biases — is key to true security. While “white hat” hackers are interested in the intellectual challenge and the elegance of solutions, bad actors known as “black hats” don’t need style points — they look for the easiest vulnerabilities to exploit.
He is “horrified” by the lack of security in some areas of infrastructure like the power grid; he’s seen some systems running on Windows 95.
“We are lucky that nothing bad has happened yet, but really the operative word is lucky,” he said. “We really need to go back to the drawing board and think how vulnerable we are.”
A panel of industry experts from Deloitte, NCR, AGCO and AT&T said the key, especially when thinking of targets like the financial system and supply chains, is setting standards where possible and thinking in terms of systemic resiliency.
Knowing that many companies will be hacked, they should all have a proactive plan for coming back online if and when their “crown jewels” are either compromised or taken hostage.
“The focus on resiliency is really what gets everyone through this, if you have a plan to recover in the wake of the worst-case scenario, … to handle what might be existential threats, the low-likelihood but high-impact events,” said Deloitte’s principal of cyber risk, Andrew Morrison, who moderated the panel discussion.
While large hacks make headlines, smaller companies are increasingly vulnerable because they don’t have the resources to pour into large IT departments, said NCR Chief Information Security Officer Bob Varnadoe, who advocated that SMEs focus on “basic hygiene” with their data — keeping up with antivirus software and patches where needed, while backing up often and knowing where the data is stored.
In an age of ransomware — like the attack that compromised the City of Atlanta’s systems — or financially motivated criminals seeking to expose personal data, as in the case of the massive Equifax data breach, it’s vital to have a plan.
As Mr. Hursti put it, citing an adage in the cybersecurity world:
“There are two kinds of companies — the ones that have been hacked and the ones who don’t know they have been.”
World Trade Day ticket holders can go back to the online venue, developed by vLink, to watch videos of the event and revisit the program for 30 days.
See the full program here.