If You Want Peace, Prepare for Cyber War

Planning for security in an era of digital conflicts

We’re at war — a different kind of war than we’ve experienced in the past. Cyber war. It’s silent, hard to detect, yet has the same devastating potential as most armed conflicts. The past few years have produced a series of shocking cyber-attacks, as evidenced by the stories about Russian espionage, North Korean malware, and multiple cases of massive identity theft.

As the world becomes ever more connected, we expose ourselves to new threats from bad actors. Unfortunately, our vulnerabilities are likely to worsen before they improve.

Recognition of a Problem

Many leaders in business and government recognize the gravity of the issue. According to one estimate, global enterprise and government spending on cybersecurity will rise 19% this year to $90B. In 2009, the United States Cyber Command was created. In the years since, there has been consistent double-digit growth in cybersecurity spending by governments around the world. Additionally, companies are stepping up their responses. Many have purchased cyber insurance, and some offer bounties to hackers who report security flaws.

Money alone, though, won’t solve the problem.

Any effective strategy to secure the digital landscape will need to overcome technical, organizational, and political challenges. It will also require experienced hands to implement.

Today, few policymakers are well-equipped to confront the strange and fast-changing landscape of cyber threats. Our law enforcement agencies and military struggle to retain top-tier tech talent. Our traditional defense doctrines weren’t designed for the cyber theater. Perhaps most disconcerting, many significant attacks don’t make the press, thus leaving the public concerned but ill-informed about the risks.

Connecting to the Internet of (Dangerous) Things

Until recently, American power has been rooted in technological leadership and unrivaled economic capacity.

Ironically, these traditional advantages increase our vulnerability to cyber-attacks. Our country’s wealth guarantees that our enemies will enjoy a wide variety of potential targets. And our penchant for innovation means that we’re probably creating vulnerabilities faster than we can discover and fix them.

In a cyber conflict, we’re likely to incur at least as much damage as we inflict.

Unfriendly state and non-state actors are already experimenting with a brand-new toolkit of unconventional weapons. In the words of Former Deputy Secretary of Defense William Lynn, “A couple dozen talented programmers wearing flip-flops and drinking Red Bull can do a lot of damage.”

For example, when North Korea infamously hacked Sony in 2014, it inflicted tens of millions of dollars in damages and leaked scandalous private information. At the time, top U.S. officials privately remarked that the cyber-attack was equivalent to North Korean commandos infiltrating Sony’s building in Los Angeles and physically torching the company’s servers. Despite this affront, the U.S. struggled to find an appropriate response.

Responding with conventional weapons would have risked a catastrophic war. The benefits of hitting back with a cyber-attack, though, may have been limited by the fact that North Korea’s economy is not heavily reliant on software or the internet.

Massive Growth

The IoT sector is expected to grow to 20.4 billion devices by 2020, and businesses are expected to spend $134 billion annually by 2022 on cybersecurity for IoT devices, according to Juniper Research.

As the number of connected devices grows, bad actors will enjoy more frequent opportunities to create disruptions, seek ransoms, or inflict damages. Public infrastructure — such as power grids and hospitals — and personal property — such as home appliances, virtual assistants, and cars — may prove to be tempting targets.

The most significant threats, though, may be to the more than 8.4 billion IoT devices already available today — especially as security vulnerabilities continue to surface as the devices grow outdated. As politicians and the tech industry focus on boosting security for new products, the legacy gadgets may prove most vulnerable.

A Solution

While there may be recognition of the problem, few senior policymakers, law enforcement professionals, and defense officials have the technical expertise necessary to fully understand the cyber threats of today — much less those of tomorrow.

The importance of this rare expertise is a key reason that LaunchCapital recently invested in Toka, a Tel Aviv-based cyber capacity-building company.

Toka helps governments and law enforcement agencies transform their cyber defenses. The Toka team works with its clients to craft their cybersecurity strategies and creates unique software products to best serve their clients’ needs.

Toka’s all-star founding team includes Yaron Rosen, the former Chief of Israel Defense Forces Cyber Staff, and Ehud Barak, the former Prime Minister of Israel. The team combines deep technical expertise with an extremely strong understanding of the threat landscape and government capabilities. This rare combination gives Toka a unique opportunity to help governments confront cybersecurity threats while building up their own cyber toolkits.

Securing the Future

Cyber conflicts and high-profile hacks are here to stay. The digital world will become more vulnerable before it becomes safer. Governments, companies, and individual citizens will need to learn how to navigate this new reality.

More specifically, our leaders will need to find ways to implement appropriate safeguards while also maintaining our ability to deter enemies and keep our citizens safe. Bad actors will continue to use cyber capabilities to cause damage. It’s absolutely imperative for the “good guys” to maintain a robust, proactive defense to detect, deter — and most importantly — defeat these “bad guys” on the digital battlefield.