Analytics in Security SystemsOne of the themes I found of central relevance to protecting our infrastructure is the role of analytics in security systems and need for focused analysis protocols. Hardening systems and embedding defense is important, but detecting dynamic system anomalies, identifying weaknesses, and maintaining intelligence about threats and potential threats is equally as critical. The ability to recognize emerging threats and articulate a strategic focus on core business assets is a key to resource allocation and effective system protection. Analytics are more than technical approaches and are most effective when tied to strategic business objectives. While the conference focus was energy security, the core security principles examined apply to all business and government environments.
Of course analytics are not the complete solution. The largest risk in cyber security remains the human element and what is often referred to as social engineering risk. It is critical to create a culture of awareness in organizations, because solid defensive measures begin with individuals and the actions they take daily; most major security breaches (organizational or individual) originate in human actions resulting from phishing or other techniques to extract information from individuals. Human and technical approaches need to work together to be effective, particularly since deception techniques have become more sophisticated.
Strengthening the Cyber Security WorkforceI was on a panel about building the cyber security workforce with two students from SecureSet Academy and discussed various approaches to producing more qualified personnel in the field. You may have read about coding and cyber boot camps that are designed to concentrate technical study and produce capable graduates in a shorter time frame than traditional academic degree programs. SecureSet Academy produces graduates -- after 20 intensive weeks of instruction -- which have mastered core cyber security concepts and applied those concepts to projects. Those who successfully complete the SecureSet Academy program may receive academic credit to accelerate completion of Norwich’s online bachelor’s degree program in cyber security. This partnership approach will likely become more prevalent as students look for pathways to develop industry-specific skills that can enhance their career opportunities.
William Clements (far left) pictured above at the Energy and Cyber Security panel discussion.
Simulating Energy & Cyber AttacksThere has been recent denial of service attacks launched through the Internet of Things (IoT), comprised of remote devices that have limited functions but have proliferated across industry and in private settings. Perhaps you have smart devices such as your refrigerator, doorbell cameras, security cameras and a host of other sensors too numerous to list. These are all part of the IoT and have increased internet traffic and, more importantly, security risks as demonstrated by the denial of service attacks launched through this platform.
Fortunately, there are plenty of smart folks working on solutions to enhance cyber security across many domains, and partnerships such as the Norwich-SecureSet Academy effort are helping to produce individuals who can fill our national cyber protection needs. The conference also included a hands-on session coordinated by Phil Susmann, President of the Norwich University Applied Research Institutes, during which teams participated in a simulated attack scenario on power distribution system. NUARI employee and Master of Science in Information Security and Assurance student Zack Fuller also helped run the exercise.
The platform used for the exercise was the Distributed Environment for Critical Infrastructure Exercises, or DECIDE™, developed by NUARI. The DECIDE-FS platform was designed for the financial sector, with significant support by the U.S. Department of Homeland Security and U.S. Department of Treasury, and is now being adapted to the energy sector. The conference exercise provided a glimpse at how the tool can be used to enhance security within critical infrastructure organizations, identify weaknesses in policy and practice, and enhance communication. I should also add that the DECIDE tool was nominated by FedScoop 50 as one of the best and brightest technologies implemented this year that make the federal government more efficient and effective.
I look forward to exploring this area more and developing coursework and continuing education opportunities in the coming year. If you or your company/organization have specific needs or ideas for training and education in cyber security, feel free to drop me a line; the field is evolving so quickly that many of our students and faculty are working in front line positions best able to provide insight for our programs.