This Week in Cyber
NATHANIEL GLEICHER, Head of Cybersecurity Strategy, Illumio
Four things I’m reading this week:
- Autonomous Vehicles Watch — Naval Edition: The Navy is apparently considering crewless ships. This does a nice job of combining the complexity of autonomous shipping (also imminent) and autonomous weapons systems. Worth watching to see where this goes. I’m reading: “Crewless Ships in the Navy: Not If, But When.”
- Shadowbroker’s NSA Leaks and What It Means for the Vulnerabilities/Equities Process: The recent online disclosure of a series of purportedly NSA tools refocuses recent debates about how many vulnerabilities the government should retain, and how it should decide whether to hold or disclose them. If nothing else, it makes it absolutely clear that any vulnerability could get out. If the government is weighing whether to disclose or retain, it must be with a clear-eyed acceptance of the risks if that vulnerability is leaked. I’m reading: “Opinion: NSA hack reveals flaws in White House zero-day process.”
- Banks Struggling to Secure Their Systems in the Wake of SWIFT Hacks: This evolving story is a stark reminder that any open network is only as secure as its least-secure entry point. Large networks need vigilance to raise up the security of their weakest links, and they need internal segmentation to control the blast radius of intrusions that do occur. I’m reading: “Special Report: Not so SWIFT — Bank messaging system slow to address weak points.”
- Possible Responses to the DNC Hacks: There’s been quite a bit of discussion of possible USG responses to the DNC hacks. Any reaction raises complex foreign policy concerns, and CSIS’s Jim Lewis does a great job of laying them out and thinking them through. A key message from his analysis: “One lesson that can be drawn from our experience with state-sponsored hacking is that, if there is no reaction to a hack, an opponent will take this as a green light to continue.” I’m reading: “Russia and the DNC Hacks.”
Originally published at www.illumio.com.