There are many challenges in cybersecurity. Most challenges are due to adversaries that continue to innovate and create new means of breaking into systems. But other challenges come from leaders who do not learn the lessons from history. We have called that problem cyber threat amnesia, the observed tendency of any organization to forget the cyber threat exists as soon as they remediate their current issue.
One of the cures of cyber threat amnesia is education. By informing future leaders of what is going on today and what has happened in the past we can help ensure cyber threat amnesia is minimized.
I have suffered from cyber threat amnesia myself. After years as an intelligence officer where I learned of the threat of foreign espionage I paid little attention when I heard stories of the Hanover Hackers, for example. That was some wild stuff but I sure was glad someone else took care of that. Much later I was working on the Joint Staff, and an associate told me about something called Eligible Receiver 97. I was amazed to hear that penetration testers had proven that they could get from the open Internet to sensitive DoD networks. My response was something like “Wow that is serious, I’m so glad someone else is taking care of that.” I was demonstrating the very human condition of hopefulness and desire that everything would be ok if I just ignore it. Bad mistake on my part, and it is a mistake I share in the hopes that others don’t make it as bad as I did.
Anyway, from there I was part of a small team that was stood up to work cyber issues for DoD, we were the first military command with authority to order action in DoD networks, the Joint Task Force for Computer Network Defense (JTF-CND). We would later evolve to take over operational responsibilities for many key cyber attack activities (JTF-CNO) and then evolve to have even more operational authorities as JTF-GNO.
JTF-CND was the forerunner to what would later become US Cyber Command, which is now on track to become a unified command, a statement of the importance of cyber to military missions.
We worked issues that should be known throughout the military and cyber defense teams in industry. Operations like Moonlight Maze and the major virus and botnet attacks were all handled by JTF-CND.
This summer marked the 20th anniversary of ER97, the event that kicked off DoD’s focus on things cyber and led to the creation of JTF-CND and Cyber Command.
On 10 October 2017 a special workshop will focus on the events of 97 and 98, including Eligible Receiver, Solar Sunrise and Moonlight Maze. Organizers include the original commander of JTF-CND, retired General John Campbell. Speakers include Rob Joyce, the current White House Cybersecurity Coordinator, Dr. Thomas Rid, and Dr. John Hamre.
Topics include not just the examination of the past, but a contextualized assessment of the current state of cyber operations and a focus on how the future should shape our actions today.
For more information and to register see: Cyber At The Crossroads
And to track more on this topic see ThingsCyber.com
Which reviews the most critical components of the Tech Landscape Thigs Cyber will provide insights into Cyber Threats, give succinct recommendations on Protecting Your Information, review and point to the most interesting Tech Enabled Entertainment (including Sci-Fi), review Books and Tech Gear, give reviews of the best Tech Training, and keep it all in context with a healthy dose of Humor.