Members of the defense and intelligence communities gathered the last week of May, virtually, for the 2021 AFCEA Spring Intelligence Symposium. I attended on NetCentrics behalf as part of this community. Here are the emerging cybersecurity trends that will shape the field this year and moving forward. While there are many serious challenges ahead, there are also opportunities.
Known Threats are Strengthening
Known, persistent threats remain an ongoing concern. In the cybersecurity domain ransomware is among the fast-growing threat. There has been a sharp increase of ransomware attacks on hospitals and healthcare during the pandemic. (In fact, a 45% spike since November 2020, according to The Hacker News.) Corporate America and government alike have seen an increase of cyberattacks via unsecured networks and software supply chains.
Geo-politically motivated disruptions continue, too. Cyberattacks traced to China, Iran, North Korea and Russia are not slowing down. The aims vary – from stealing data to sowing discord – but have the potential for increasing reach and real-world consequences. The low cost of attack, and the untraceable use of cryptocurrency, indicates these threats will increase.
Last, but certainly not least, the continuing climate emergency and pandemic are putting new pressures on organizations of all sizes. Looking only from a U.S. domestic perspective, the pandemic continues to drive social and political divisions that make a unified approach to cyber defense, via law, more difficult. Similarly, climate action risks further delay and budgetary shortfall when attentions are placed on any of the above threats. Climate change, in turn, contributes to more geopolitical instability, furthering demand for national intelligence security.
For those with a bias toward optimism – just wait! — the doom and gloom continues. We haven’t even touched on topics like international and domestic terrorism, or the other numerous social and political challenges up ahead.
New Threats are Rising: Smart Sensors
Among new cybersecurity threats is the proliferation of smart sensors. Increasingly, sensors are bringing benefits to a range of industrial infrastructure not previously interconnected, or online. Among the benefits are operational cost reduction, energy efficiency, and network efficiency. But operational technology waking up and connecting to the internet presents a growing challenge from a security standpoint. This year’s cyberattack on the Oldsmar, Florida water treatment plant is a recent example affecting operation tech.
One AFCEA speaker estimated that 90% of our nation’s critical infrastructure (water, gas, electricity, etc.) is in private hands. This infrastructure becomes trickier to protect when infiltrated by experienced nation-state actors with malicious intent. Meanwhile, the trend toward complete ubiquity of connectivity marches on…
New Technologies Just Half the Solution
Discussion of emerging technologies like artificial intelligence, machine learning, and quantum computing were present throughout the symposium. All of these technologies will exert greater influence on national security and intelligence gathering in the future. Yet, they are only half the solution when it comes to a proactive security stance.
To counteract new and emerging dangers, AFCEA leaders shared the following big ideas – and all were dependent on people:
- Improve diversity and transparency throughout government, and throughout the tech stack.
These are not shallow aspirations or slogans. The security and intelligence communities know there is a need for multiple perspectives and experiences to get ahead of adversaries. The growing demand for cybersecurity skills is well known. Yet, there is equal if not greater demand for understanding cultural nuance, and anticipating and interpreting cyber behavior. To adequately prepare, the base of people in intelligence and national security must expand and be more inclusive. - Data management must be automated, but also curated. The torrent of data collection, from disparate sources, is only growing. The only way to understand and prioritize this data will be through automation (via artificial intelligence and machine learning). Yet, human creativity remains central to the process. We must reserve human effort for highest use: applying vision, imagination, and novel approaches to problem-solving.
- Transition from analog to digital processes throughout. “Digital-first” continues to be a necessary security stance because cyber is the dominant warfighting domain. The intelligence and security communities must operate differently than the last 20 years. It’s no longer about being faster, but using technology to reimagine and revolutionize tools. We must build systems that prioritize flexibility, transparency, rapid integration of data, and resiliency.
In summary, the symposium underscored the following recommendations: expand the talent pool in cybersecurity to include more perspectives; leverage uniquely human strengths to solve problems; and build resiliency on all fronts. NetCentrics can help you achieve this with our expertise in cybersecurity, telecommunications, and IT modernization. Contact us to see how we can work together to incorporate these future-forward recommendations into your security solutions.