It is clear that there is an unrelenting increase in cyber attacks. Indeed, the media at large is now bombarding the community with a stream of isolated security incidents, one after the other, leaving most of us on “main street” feeling paralyzed and wondering: Is this just sensationalism? How bad is the situation really? Those of us who are charged with responsibility for ensuring IT security will be asking, why are our security controls failing so badly? What are world-recognised cyber security leaders in Europe, USA, and around the world saying our current situation is?
My colleagues in Synaptic Laboratories Limited have provided some interesting summaries of the current situation. Synaptic Labs is an information security Research and Design organisation, based in Malta. You can learn about Synaptic Labs here: http://www.synaptic-labs.com/resources/streaming-videos/synaptic-labs-2012-annual-reports-video-series.html#one) You can learn more about their cyber awareness promotion activities as published in the Malta Independent on Sunday 6 April 2012. A copy is now available online at http://www.independent.com.mt/news.asp?newsitemid=142379
Synaptic Labs have recently completed production of two comprehensive presentations that seek to answer those questions:
( a ) Synaptic Labs’ 2012 Annual Report Surveying the Global Cyber Safety and Security Status
( b ) Synaptic Labs’ 2012 Annual Report Surveying Key Cyber Security Technical Problems, Drivers and Incentives
To provide some context, Synaptic Labs has spent many years of effort collecting authoritative positions, statements and actions of Government and world-leading security experts to guide their information security research and development efforts. As a public service, Synaptic Labs has now distilled that extensive body of knowledge into two stream-lined presentations in a format that they believe should be accessible to all ICT stakeholders who have a desire to know, …. that is, you and me. Synaptic Labs has made these resources freely available (no registration required) as both a streaming VIDEO and SLIDE SHOW in Adobe Acrobat format.
Presentation ( a ) is a very high-level overview of the cyber status and, drawing on the published opinions of experts, builds the case for lay-people (as well as safety and security experts) that today’s mainstream cyber-security ecosystem is fundamentally flawed and that this places the entire community at risk.
Presentation ( b ) discusses the problems with hardware computing architectures, identity management and cryptographic key management, the Internet, and mainstream operating systems. It outlines Synaptic Labs’ proposals in the secure computing, identity management and cryptographic key management and networking space. This presentation is also interesting because It also addresses the market incentives to address these problems.
The spoken audio in the video is almost identical to the written content in the slide shows, and so for those with little time viewing the pdf’s is probably the fastest way to review the content. However, the videos include snippets of video clips of world leading security experts presenting their opinions at various top level events, including:
- Mr. Brian Snow (Former NSA Technical Director, IAD)
- Ms. Debora Plunkett (Current NSA Technical Director, IAD)
- Dr. James Andrew Lewis (Director and Senior Fellow, CSIS)
- Prof. Jeannette Wing (President’s Professor of Computer Science, former NSF)
- Prof. Joseph S. Nye, Jr (The Sultan of Oman Professor of International Relations)
- Ms. Melissa Hathaway (Led the U.S. cyber space policy review)
- Vice Admiral J. Mike McConnell (Intelligence adviser to U.S. President)
- Mr. Landon Curt Noll (Cisco)
- Mr. Paul Earsy (SafeNet)
- Mr. Robert Quick (QPM, former Assistant Commissioner Specialist Operations, UK)
The message in these presentations is very clear Furthermore, the technical terminology has been kept to a minimum.
I am currently working with my colleagues at Synaptic Laboratories Ltd to create a series of short articles that draws on their information and my own 20 years experience reporting on cyber security issues. In these articles we aim to provide all readers (no matter your background or computer skill level) a clear and honest picture of the current global cyber status, an understanding on the ramifications if we do not adequately address the fundamental problems, and advice on how each of us, acting individually and collectively, can start to help get our communities out of this mess!
I am looking forward to finishing this new series of joint articles very soon! In the meantime, be sure to check out the above two presentations!
Pierluigi Paganini, Security Specialist