Cybersecurity: Increased Transparency and the Role of Civil Society

Cybersecurity: Increased Transparency and the Role

of Civil Society

Presented by Sarah Grangerfrom the Center for Technology, Media & Societyto the Monterey Institute of International Studies

May 7, 2013

Cyber Threats

Reality

Threat Origins

• State based military cyber offense experts

• Mercenary hacker networks, hired by governments or non-state organizations including terrorist groups

• Rogue hackers• Hactivists

Who’s on Alert?

• Military / DoD• Critical infrastructure organizations• Government agencies• Financial Industry• Companies with valuable technologies• Media

Expanding Concerns

• No longer in the Containment Era – new threats everywhere

• Technology and hacking tools becoming easier and cheaper to obtain

• Critical systems decentralized and often privately held, security levels unknown

• Most incidents happen across multiple boundaries; tracking is difficult & law enforcement challenging

The New Military

Meanwhile…

• Greater demand from the public for government transparency

• Greater push within government for increased transparency

• International pressure for responsible governance

Walking Transparency Talk

Transparent Cybersecurity

• White House cybersecurity executive order for improving critical infrastructure

• Transparent process involving multiple stakeholders, including civil society leaders

• Public-private partnerships, information sharing• General public providing tips, assistance via

social media• Hactivists participating in limited major events

Recent Examples

• Wikileaks – hacker group stole information, published secrets• Stuxnet – military cyber

offensive used for kinetic attack• Boston – public use of social

media assisted in apprehension

Gray Areas

• Pre-emptive cyber attacks (Iran)• Hybrid attacks (Israel)• Cyber espionage (China)• Propaganda proliferation (North Korea)• Surveillance (UK)• Censorship (Everywhere)

The New Normal

Global Paradigm• Blending of virtual and physical security• Assumption of ubiquitous connectedness and

limitless data• Creation of resilient, protective defensive

networks• Adoption of dispersed threat response

framework• Recognition and preparation of scalable policies

Government Shifts…

• Away from coercion, toward credible influence

• Away from exclusion, toward participation• Away from borders, toward networks• Away from secrecy, toward transparency• Away from reaction, toward resilience• Away from containment, toward

sustainment

Role of Civil Society• Education – to government, stakeholders, public• Participation – engaged with government initiatives• Innovation – providing new tools, technologies,

processes• Partnerships – building bridges between

government and industry, academia, general public

• Vigilance – never letting up on the role of transparency

Major Hurdles• Accelerated growth of technology• Limited human resources in government• Existing bureaucracy, red tape• Existing power structures around security• Data ownership disputes• Silos of open government communities• Language barrier between government, public

At the End of the Tunnel

Seeds of SuccessWe’re learning (ref. recent major hacks,

Boston response)Access to government data and information

becoming easier and cheaperCivil society is becoming closer to government

through social media, crowd sourcingMore online services than ever beforeRapid response is becoming a reality

Next Steps• Increase technology education of government

leaders, work force• Build better crowd sourcing and communication

tools for all – from White House to town councils• Adopt smarter policies, including mobile and

social• Open data gradually and purposefully• Invite officials to participate in the dialogue online

Questions?

Contact:Sarah GrangerCenter for Technology, Media & Societyhttp://www.cftms.orgTwitter: @sarahgranger @cftmssarah@sarahgranger.com