CyCon opened today with keynote speeches by the President of the Republic of Estonia, Toomas Hendrik Ilves, and the Commander of US CYBERCOMMAND, General Keith B. Alexander. President Ilves remarked that cyber security has finally reached the attention and awareness of the highest political elite, largely due to Estonia’s presence at the forefront of this topic in the past six years. He attributed Estonia’s active role to the high degree to which Estonia is wired and dependent on e-services, which at the same time makes it vulnerable to hostile cyber activities. As in many previous appearances, he continued promoting the personal identification cards and two-factor authentication that are used and implemented in Estonia and which set a great example to other countries. The President also predicted that the inherent conflict between privacy and security in the cyber domain will become even more sensitive in the future. At the same time, however, he stated that the fear of “Big Brother” is overblown and that people should instead be more worried about the private sector, which possesses significantly greater amounts of personal data than governments.
General Alexander mainly discussed the training of the professionals who are responsible for defending networks, and information sharing between the government and the private sector. He pointed out the worrying gap in education between those who are tasked to defend the Department of Defense networks and those who attack them. He also stressed the need for domestic legislation to support real-time information sharing between the government and the private sector, and gave assurances that such information sharing does not threaten the privacy rights of individuals, as the monitoring focuses on certain signatures, not the personal data or content of communications of individuals. General Alexander also expressed his support for the migration of data and processes to cloud-based systems.
Before moving deeper into the topic of the conference, the Director of the Centre, Colonel Artur Suzik, announced two newly appointed NATO CCD COE Senior Fellows. Both Dr Gabriel Jakobson and Dr Rain Ottis received this honour because of their continuous support to CyCon and many other projects conducted by the Centre.
The common session continued with a talk by Commander Ilker Duranlioglu of the NCIRC Technical Centre, who gave an overview of the operating environment of his organisation, cyber operations targeted against NATO and the bigger current and future projects of NCIRC. Dr Michael J. Covington from Cisco discussed the security and privacy implications of the number of devices connecting to the Internet.
The Strategy Track was kicked off by presentations setting the scene for the usage of automated systems in cyber defence efforts. Alessandro Guarino of StudioAG predicted that since the technological prerequisites for the adoption of autonomous agents are already in existence, they will be employed primarily as force enhancers in the coming years. Jeffrey Caton of Kepler Strategies LLC emphasized the importance of learning from past events – citing examples of incidents caused by automated decisions that have taken place in the physical domain in the past three decades, he opined that it is reasonable to conclude that the same will also happen in cyberspace. Therefore, automated offence, in his view, should be implemented gradually. Anthony Guess-Johnson of Cyber Security Forum Initiative similarly took a cautious stance, especially towards decisions that are critical and where room for errors is minimal. After having outlined the main pros and cons of automated systems, he concluded, contrary to a common belief, that carrying out automated offence is easier than automated defence. His main message, however, was that no matter how advanced and autonomous the system is, it needs a subjective human element, as automated systems do not possess the human ability to process information critically.
Col Hans Folmer of the Netherlands Armed Forces gave an operational perspective on the adoption of cyber capabilities within the military, and said that they will be an alternative tool at the commander’s discretion, which will likely be used in combination with other capabilities. He doubted that a war executed only in cyberspace is a probable scenario, as states are unlikely to successfully impose their will through this medium alone, and physical presence on territory will be required.
The Technical Track started with Dr Gabriel Jakobson of Altusys Corp presenting his work on the introduction of cyber-attack resilient missions, which was designed to complement the widespread but often inadequate IT-centric cyber security model of achieving confidentiality, integrity and availability. Cyber-attack resiliency is mostly achieved through collective and adaptive behaviour of components of the system. Jorge L. Hernandez-Ardieta from Indra Sistemas S.A. concentrated on information sharing models and on how selfish behaviour could possibly harm cooperative cyber defence. Low quality of situational awareness and a lack of knowledge to resolve or attribute the incident in a timely and precise manner are important topics to address in resolving these issues. Prof. Igor Kotenko from SPIIRAS discussed the cyber attack modelling and impact assessment framework. In his view, the need to use an attack modelling and impact assessment framework starts with figuring out possible sequences of attacks and correlating sequences of those analytical attacks in the process. In the analytical attack modelling approach, the models to consider are generating the common attack graph based on current possible vulnerabilities and modelling possible responses with countermeasures.
In the second half of the day, LTC David Raymond from United States Military explained that since the law of war requires that collateral damage be minimised, cyber effects must be targeted like kinetic ones and malware should be carefully controlled weapons that can cause greater damage. Jeffrey Caton looked into the complexity and emergence in ultra-tactical cyberspace operations. Professor Gregory Conti presented a teaser for his work "Towards a Cyber Common Operating Picture", which was also mentioned by General Keith B. Alexander in the morning session. Conti provided many examples of how a CCOP framework should be designed and which aspects of the problem need more attention. The focus is on the problem of cyber-only operations as well as joint cyber-kinetic operations. Conti concluded that this work solves only a part of the problem and that there is currently no single tool that would solve all problematic aspects.
The conference continues tomorrow with a day filled with presentations varying from cyber ethics to future technical challenges.