Sometimes we come across a new word or phrase that is not only different, but intriguing. Occasionally these new terms or ideas really catch-on and become a part of mainstream thinking and/or technology adoption. While it is rare, these terms can even become a part of everyday language for technology or even non-IT professionals. For example, concepts like “the consumerization of IT” (initially coined by Gartner) are becoming more well-known to techies and phrase like “cloud computing” are showing up in everyday TV commercials. These terms were virtually unknown a decade (or less) ago.
Which brings me to the topic of today’s blog: What is a healthy cyber ecosystem? If you haven’t yet heard people using these words, I suspect that you will soon. The Department of Homeland Security (DHS) published a white paper in March 2011 entitled, Enabling Distributed Security in Cyberspace: Building a Healthy and Resilient Cyber Ecosystem with Automated Collective Action. What got me thinking about this even more was the term “ecosystem” showing up in recent meetings with technology vendors.
I know, I know, when we think of “ecosystem” we generally see a mental picture of various water sources with plants interacting with wildlife roaming in protected reserves. But this new approach takes the concept into our virtual cyber worlds.
According to the DHS white paper:
“Like natural ecosystems, the cyber ecosystem comprises a variety of diverse participants – private firms, non]profits, governments, individuals, processes, and cyber devices (computers, software, and communications technologies) – that interact for multiple purposes….
This discussion paper explores the idea of a healthy, resilient – and fundamentally more secure – cyber ecosystem of the future, in which cyber participants, including cyber devices, are able to work together in near]real time to anticipate and prevent cyber attacks, limit the spread of attacks across participating devices, minimize the consequences of attacks, and recover to a trusted state. In this future cyber ecosystem, security capabilities are built into cyber devices in a way that allows preventive and defensive courses of action to be coordinated within and among communities of devices….”
While this may seem a bit like “cyber utopia,” I certainly agree with the overall goals. Helpful analogies are provided in the paper such as our human immune system’s ability to fight off disease or the Center for Disease Control and Prevention’s (CDC’s) approach to a flu outbreak.
If a global system of Internet protections are put in place, we “could enable the ecosystem to continuously strengthen itself against the cyber equivalent of autoimmune disorders.”
According to the DHS white paper, there are three main components (or building blocks) to a healthy cyber ecosystem, including automation, interoperability and authentication. Excellent identity management is essential to building the required trust online. The white paper points to the National Strategy for Trusted Identities in Cyberspace (NSTIC) to build the foundations for this trust. The paper also suggests that traditional notions of “command and control” must be recast in the direction of “focus and convergence.”
In my opinion, the section on "focus and convergence" is an area where I have many questions regarding technology and process. Military forces have seen “command and control” working for millenniums whereas focus and convergence seems to me to be much harder to implement with diverse audiences and interests worldwide. For example, it is difficult to get agreement at the United Nations. And yet, I see the numerous benefits associated with this distributed approach, if we can implement a coordinated response to global cyber threats.
I especially like the ideas in a Enabling Distributed Security in Cyberspace white paper that promote more user incentives (page 26). We need to develop new opportunities for global buisnesses to grow and prosper in cyberspace. Still, this incentive area needs a lot of work, since organizations and individuals still deem “doing nothing” as being reasonable responses to cyber threats.
What’s been the wider industry response to the cyber ecosystem concept? First, many news organizations published detailed articles on the topic. Here are a few:
US-CERT’s Powerpoint Presentation (from last year) on this topic also provides more technical details regarding early actions needed to head in this directions. This presentation from a Cyber Town Hall Meeting by some federal government security leaders also addresses risk in a related security framework. A test wiki has also been set up on this topic.
What’s my opinion on the goal of creating a healthy cyber ecosystem? For the most part, I like this concept. On pages 22-26 of the DHS white paper, the healthy and unhealthy attributes to this new virtual world are identified. We are talking about what Bruce Schneier calls “The endless broadening of security.”
However, if I were to summarize this goal in a few words in non-techie language, I would say society wants an Internet that allows users to safely surf their values. We want our online world to reflect what we value in our offline world - including all aspects of our interactions with other people, businesses and governments. No doubt, our online and offline worlds are merging together in new ways each day, and meanwhile the bad guys are getting better at undermining Internet safety.
If this healthy cyber ecosystem is to become reality, we need to be building safety and trust in new ways and not just fighting malware and identity theft. This approach requires a strengthening of protections through the same natural defense mechanisms we have in our human bodies and building trust in online relationships and interactions just as in our “real world” communities. Programs like "neighborhood watch" may provide helpful models.
And a healthy cyber ecosystem will go well beyond traditional cybersecurity topics. Individuals and businesses will be incentivized to enable the good and disable the bad in cyberspace, if they feel they personal ownership over the ability to influence online life. Yes, this means both freedom and shared responsibility for all of us. It offers Internet safety and reliable online communications. A healthy cyber ecosystem can enable virtual integrity for web activities.
What are your thoughts on a healthy cyber ecosystem?
Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.
During his distinguished career, he has served global organizations in the public and private sectors in a variety of executive leadership capacities, receiving numerous national awards including: CSO of the Year, Public Official of the Year and Computerworld Premier 100 IT Leader.
Lohrmann led Michigan government’s cybersecurity and technology infrastructure teams from May 2002 to August 2014, including enterprisewide Chief Security Officer (CSO), Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) roles in Michigan.
He currently serves as the Chief Security Officer (CSO) and Chief Strategist for Security Mentor Inc. He is leading the development and implementation of Security Mentor’s industry-leading cyber training, consulting and workshops for end users, managers and executives in the public and private sectors. He has advised senior leaders at the White House, National Governors Association (NGA), National Association of State CIOs (NASCIO), U.S. Department of Homeland Security (DHS), federal, state and local government agencies, Fortune 500 companies, small businesses and nonprofit institutions.
He has more than 30 years of experience in the computer industry, beginning his career with the National Security Agency. He worked for three years in England as a senior network engineer for Lockheed Martin (formerly Loral Aerospace) and for four years as a technical director for ManTech International in a US/UK military facility.
Lohrmann is the author of two books: Virtual Integrity: Faithfully Navigating the Brave New Web and BYOD for You: The Guide to Bring Your Own Device to Work. He has been a keynote speaker at global security and technology conferences from South Africa to Dubai and from Washington, D.C., to Moscow.
He holds a master's degree in computer science (CS) from Johns Hopkins University in Baltimore, and a bachelor's degree in CS from Valparaiso University in Indiana.
Follow Lohrmann on Twitter at: @govcso
Building effective virtual government requires new ideas, innovative thinking and hard work. From cybersecurity to cloud computing to mobile devices, Dan discusses what’s hot and what works in the world of gov tech.