Cyber(war) what is it good for?

AusCERT 2016 Speaker

Edward Farrell runs penetration testing firm Mercury Information Security Services. But he also is a member of the Army Reserve and he’s seeing an increasing overlap between his civilian and military lives.

“We’re applying too many military characteristics,” says Farrell when looking at the problems facing the commercial world.

One of the challenges, he says, a divergence in understanding what “cyber” really is.

Farrell says the term cyber has its foundations in science fiction but it evolved to be used mainly in security. It’s a vague term that lacks a basis in fact resulting in miscommunication, particularly as it’s applied in many different fields.

Farrell looked at some statements made by political figures. For example, UK Chancellor has said “Islamic State militants will aim to kill via cyberattacks”. However, the reality is IS is using the internet as a sphere of influence. And this is leading people to make incorrect assumptions about what “cyber” can do.

Back to basics

Farrell says it might be better to actually stop using the term “cyber”. For example, rather than say “cyber defence” we should use “computer network defence”. Similarly, application penetration testing and digital forensics are more useful that cyber pen testing and cyber-forensics respectively. By being clearer about what we are doing, it’s more likely for people to be engaged with a better understanding.

Another challenge, says Farrell, is today’s leaders fight conflicts today based on how they fought past conflicts. However, this “top down” leadership approach based on seniority may be flawed.

Strategy will always trump technology

"There’s a perception technology will solve all our problems. But we’re not seeing that,” says Farrell.

For example, the US dependence on drones is trumpeted but there have been some significant issues as drones cross national borders.

Modern conflicts are often conducted in urbanised, over-populated areas where there has been environmental degradation and there are failed governments. That means conducting an effective response requires a different strategy than in past conflicts.

Today’s army networks are more complex than ever before which can hamper the ability to adapt to changing field requirements. However, military leaders don’t think about strategy in these terms all the time.

Much military thinking is largely focussed on higher-level conflicts (such as national survival wars) whereas today’s conflicts are often more localised and remote (such as overseas peacekeeping).

The new world

The breakdown of government is more likely to be the reason the military will be engaged rather than the more traditional reasons for military engagement, such as protection of national borders.

Typically, the military domain wants to use technology to damage the interests of enemies. But Farrell suggested using technology to stabilise the enemy environment might be a more suitable approach although he believes there’s a view that would not be “sexy enough”.

Overly technical or leadership dependent strategies are doomed to fail, he says. How those are balanced is a challenge for the next three to five years.

"There are innovative paths out there, let’s hack around a bit,” he says.

Join the CSO newsletter!

Error: Please check your email address.

Tags Edward FarrellAusCERT conferenceMercury ITcyber militarycyber attacksAusCERT2016government securitycyber warfare

More about Modern

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Anthony Caruana

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place