03 June 2016

CyCon Session Overviews June 03

Lessons Learned from Cyber ConflictsThis session discussed the lessons learned from cyber conflict. There was a particular focus on governments having a severe misunderstanding of cyber power. There is too much focus on tactical engagements and not enough on the overall operation. This is demonstrated in short term cyber wins that have little long term impact. Data shows that there is a lack of cyber incidents over time compared to espionage and disruption. For these reasons, governments must think long term when engaging the cyber realm.Internet of Things as an Attack VectorThe session focused on how the Internet of Things has grown and developed rapidly, but without much focus on security. IoT devices have few resources and operate in unreliable environments, characteristics that make them easy targets for cyber attacks. There is a need for IT and IoT to start communicating and understanding each other’s processes in order to integrate the devices into the Internet (for example with 6LoWPAN) while keeping them secure. Existing protocols like IPsec and DTLS can be used to protect the communication. However, as the IoT environment is heterogeneous, all the actors need to come together and define security standard for IoT. This will prevent the vast number of connected devices from turning in new attack vectors.Young Scholar AwardsThe results of the Young Scholars Award were announced today. The winning papers were Ingo Stieglitz’s Malicious Traceroute Detection, Kateryna Isirova’s E-authentication Mechanisms and Means in the Field of Electronic Cross-border Services in Ukraine and Andreas Haggman’s What is the Significance of Stuxnet to War? Congratulations to all the winners.KeynoteMr Jan Neutze spoke about the development of cyber norms, which has increased in pace since 2013. He compared and contrasted the norms proposed by Microsoft in 2014 and the norms discussed in the UN Governmental Group of Experts in 2015, and found several similarities. He then proceeded to show how new norms are being developed, especially from the industry perspective, and what obstacles must be overcome in order to achieve consensus.Mr David Sanger said that the cyber arms race is in full swing in comparison to year 2009 when Operation Olympic Games took place. He noted that the nuclear weapons analogy is flawed and that we have a deterrence and arms control problem. In the cyber arena, we are facing a shroud of secrecy, which is undermining the deterrent effect.Mr Jaan Tallinn warned before the dangers of AI. The day when AI will surpass human intelligence is called the 'takeoff'. If the takeoff catches us unprepared, we may have a problem. It is important for the AI development and AI safety communities to speak with each other.Call for PapersCyCon 2017 will focus on Defending the Core. The Call for Papers is now open. For more information, please visit overviews are for informational purposes only. Conference proceedings are available as a publication. Videos and presentations will be published on later in the year. Selected CyCon 2016 Keynote speeches is broadcast live at are free to use as long as Kristi Kamenik and NATO Cooperative Cyber Defence Centre of Excellecne are credited: