keynote jarno limnéll dssitsec2016

Strategic Trends in Cybersecurity – and Security

Jarno LimnéllProfessor, Cybersecurity, Aalto UniversityAdjunct Professor, Tampere University of TechnologyVP, Cybersecurity, Insta Group Ltd.Doctor of Military Science@JarnoLim

Security is an Enabler

Five Strategic Trends in Cybersecurity

The human source is the most valuable resource in

cybersecurity and the value of talented individuals is increasing.

“If you’re interested in the opportunity to make a difference in defending your nation, if you’re interested

in the opportunity to work with a bunch of motivated men and women...”

Russian Defense Minister Sergey Shoigu: Ministry had started a “big headhunt.”

Alternative to prison Russia sometimes offer to hackers convicted

of cybercrimes working for FSB

MIT Technology Review Custom conducted an online survey of IT and business executives and managers across a broad range of industries in February 2016.

The most valuable skills for cybersecurity career in next years may not be a focus in

specific technology, but ability to understand the big picture as

strategic thinkers.

Trend 1:Cyber arms race for

talented people.

“An artificial intelligence president could be truly altruistic. It wouldn’t be susceptible to lobbyists,

special interest groups or personal desires.”

Smart = Exploitable, Vulnerable

Security by Design

The Culture of Responsibility

…weapons that can identify targets and make decisions.”

Can a machine be trusted with lethal force?

Advances in technology pose difficult moral questions for humanity.

It is not clear who is responsible for providing answers.

The ethical implications,

The importance of Digital Ethics

We also need considerwhat better not to digitize.

How much control of our lives do we want to give over to machines

– and to the corporations that build and operate them?

Trend 2:The new era in

technology needs strong emphasis on ethics,

integral part of security.

“Cyberattack on German steel plant caused significant damage”

KINETIC CYBER

“A cyber attack on the French television network TV5 Monde”

FALSE FLAG ATTACKS

“The Dukes: 7 Years of Russian Cyber-Espionage”

STRATEGIC CYBER ESPIONAGE “Hackers breach the Warsaw Stock Exchange”

CRITICAL INFRASTRUCTURE

States are testing the boundaries of the cyberbattlefield.

according to new details from an extensive

investigation into the hack, they were

skilled and stealthy strategists who

carefully planned their assault over many

months, first doing reconnaissance to

study the networks and siphon operator

credentials, then launching a synchronized

assault in a well

Coordinated December 2015 attack on the Ukrainian electrical grid was clearly an attack on critical national infrastructure.

Cybersabotage emerging

Cyber component in all wars and crisis

New ways to utilize cyberspace appearing fast.What next is the real question.

Increasing importance to understand cyberspace as a political domain.

Issues related to cyberspace and its uses have vaulted into the highest realm of high politics.

“Proportional response”

Cyber operations suit well to the political-military hybrid environment

The adversary is usually difficult to locate

Less political risks, cyberpolitics on early stage

Cyber op´s in international law still a grey area

Often conducted by non-state actors, deniability

The role of non-kinetic actions in today´s war

Jarno Limnéll

GU

IDA

NC

E

POLITICS

Cyber should not be separated from the political and strategic context.

Trend 3:The world is moving towards a

greater strategic use of cyber capabilities.

Cyberpolitics needed.

New Normal in Security:

Speed of ChangeUnpredictable Instability

Digital-Physical Integration

How to integratecybersecurity to security.

Imp

act

Likelihood

There are relatively few “cyber only” operations

Trend 4:The line between

physical and digital security is blurring.

TODAY WE CONCENTRATE TOO MUCH WHAT WE KNOW AND OBSERVE.

WE SHOULD THINK MORE CYBER METHODS WHICH HAVE NOT BEEN USED YET – OR

WHICH WE DO NOT EVEN KNOW.

Trend 5:

?

jarno.limnell@aalto.fiTwitter: @JarnoLim