Cyber Know How For Management In The Digital Age

Uploaded on 2018-03-02 in Directors Reports

This is a Senior Management Report, which focuses on executive’s need to understand Cyber security and the opportunities for commercial business.

This Report has been edited to enable reading in a short period of time - in 15 to 20 minuets

Cyber Know How For Management In The Digital Age

We are at the beginning of an electronic revolution that like earlier industrial revolutions will substantially alter and change our society, the way we live, our engagement with others and this one will alter us as individuals.

This revolution is a significant development and intergration of digital, physical and biological systems which will change our individual, national and global electronics, which has been called a Cyber Innovation or Web 0.3, but is probably best described as the 4th Industrial Revolution.

This transformation will completely alter the way we live and experience life and it will happen far faster than previous industrial revolutions.

This new electronic revolution is developing by employing emerging computing technologies such as cognitive electronics and using advanced analysis, nanotechnology, biotechnology, and quantum computing to develop everything from new methods of commercial production, to specific recognition and robotic bio-technology.

This process will alter everything from enhance human brain thinking to automated avionics and robotics and this process will change all types of jobs within education, business, policing, the military and government.

By connecting even more billions of people using mobile devices, electronic connections, storage capability, information accessibility and processing power this revolution will substantially increase the size of the interconnected the world.

Examples of this transformation show that the way humans and other animals will become partly electronic using bio-robotic technology to change ways in which they operate and for instance extending their life spans.

Another example is the development of social media, and this has already enhanced the way in which particularly younger refugees have looked for place to get a new home and residence.

For instance, if you were born and living in Nigeria and you review and discuss options, the mobile you use suggests you could come to Europe and be socially and economically better off and your access to social media may well give you the connections and encouragement to make the trip.   

This interconnected world of cyber offers enormous opportunities to gain understanding, insightful data, commercial expansion and government interconnection. All of which can seriously improve an individual’s knowledge, jobs and potential.  Perhaps more importantly this revolution is already positively and negatively altering our geo-politics and macro-economic development.

The benefits that arise from these relatively recent electronic developments, such as cloud and cognitive computing, are beginning to become enormously influential. However, cyberspace also includes hacker criminal threats, and the growing arena of cyber-warfare.

The potential for engaging with and countering cyber-crime comes in many new unique ways, one of which is Automated Content Recognition technologies. These can extract visual data from thousands of information streams. It can do this simultaneously and use new algorithms that can search these cloud-based indexes in seconds. This produces a specific relevant answer within seconds something that would have taken hours and probably days using a human analyst production process.

Some of the latest AI techniques allow users to identify specific moments or in-video elements with extreme accuracy. Whether it is facial recognition for national security purposes or tracking products to monitor ad spends, this technology has for instance the power to revolutionise how a range of industries use video to effect business and sometimes to monitor potential cyber-crime.

Everyone from governments, commercial organisations and you as individuals all need new understanding, strategies and specific tactics using Cyber’s outlook and potential. This requires a change in perspective, continued research and changes to working methods employing the relevant technology that projects into the new interconnected global future.

It is very important that individuals, commerce, police forces, the military and all other aspects of government create and continually review an electronic cyber strategy ensuring that this is used in their tactics on the ground. The results will be far more effective, precise and relevant than can be achieved using traditional methodologies.

Each strategy should incorporate the different areas of electronic relevance to government, commerce and individuals that offer real opportunities for globally connected future progress, while ensuring that capable security is implemented and continually up-dated.

This 4th Revolution employs deep data analysis with interconnections and links to Bio-technology, Artificial Intelligence, robotics and the Internet of Things which will significantly alter us as humans and the places we work and live.

When used well these processes ensure our security, as well as significantly improving the broader issues of global and national macro-economics, intelligence, law enforcement and geo-politics.

When misused by criminals and cyber warfare activists this transformation has the potential for catastrophic outcomes. 

Background

Cyber represents the largest development and change to the global economy since the Agricultural and three Industrial Revolutions and is now described as the Fourth Industrial Revolution.

The Agricultural Revolution introduced crop rotation and later automated harvests. The 1st Industrial Revolution employed steam and water power to automate production processes. The 2nd utilised electricity for mass production processes. The 3rd used IT and electronics to automate production.

This 4th Industrial Revolution is merging the physical, electronic and biological domains.

It represents a significant transformation from mechanical and analog into a new global interrelated data information revolution perhaps better defined as the Cyber Digital Age which, integrates the physical, cyber and biological areas.

This revolution will also encourage even more information, news, data, and emotional sharing as well as potentially increasing new methods of propaganda, spying, theft and electronic warfare across the world.

All forms of electronic connection, communication and attack have become digitised and radically transfigured into a new digital revolution, where different types of computers are becoming the new brain child of our culture. Just as the mechanisation of agriculture and then production took over the mussels and body of our workers so the computer begins to replace our brains but this process has taken nearly two hundred years.

Computer history began with Charles Babbage, a Cambridge University Professor, who in 1837 designed the first computer called the Analytical Engine. The machine’s programing process was invented by Ada Lovelace, the daughter of Lord Byron the English poet, and she became the first computer programmer.  

However, the Analytical Engine did not get built, and it was a hundred years later Alan Turing also from Cambridge University created arguably the first complex working computer that changed secret Intelligence collection and propaganda helping the Allies to win the 2nd World War.

And so the development and engagement with computing began from an academic and government perspective and developed into digital information technology and has created Cyber-Space.

This new expanding area known as CyberSpace can be visualised as a vital electronic layer, similar to a nervous system running through many national and international sectors and systems.

The concept of CyberScape is used to describe the systems and services directly or indirectly connected to telecommunications, electronic systems and IT computer networks and this enables everything from electricity, power supplies, water systems, transportation and digital infrastructures, like the Web, to communicate, operate and function effectively.

This electronic arena offers us ways to understand and communicate with different communities, commercial activities and to have global conversations allowing us opportunities to change activities and to alter what we, as individuals understand, and the organisations we work for and with, will become in the future.

Cyberspace has already transformed many areas of an organisation’s operational and commercial engagement. It is evolving from a technical and often complex ecosystem, into a range of global and tactical actions, and has now broadened into a strategic systems planning requirement.

From an individual’s view point these systems, if used well, offer an enormous amount of connectivity, data sharing and analysis that can really expand their views on the governance, intellectual progress and potential for work specialisation and productivity going forward.

These cyber systems and their engagement require far more management and employee understanding and this involvement cannot be left just to technologists. Individuals, politicians and business employees and management must engage and understand the strategic plans, commercial opportunities and security implications.

The very nature of the Internet creates global collaboration that is changing the way in which we view social connections and national borders. Now the modern globalised society is increasingly dependent on an array of organised and sometimes randomly interrelated electronic infrastructures.

Many organisations see Cyber as a growing intellectually connected strategic and tactical policy network that has current and evolving opinion, news analysis and opportunities, but with significant security issues that can be used to steal and monitor an individual’s and an organisational data.

Networks leave "exhaust" data, which relates to the activities and transactions of network traders and collaborators, which in turn tells us forensically much about what happened with the data’s use.

We are unable to trap and reutilise this in the physical world. But in the cyber world we can. This is the powerful data that makes networks more efficient, individuals, customers better served, companies more knowledgeable. It is also a huge source of insecurity, and we have tended to trade off these disadvantages against the upside but we should do so no more.

The process now requires thoughtful planning, tactical implementations and far more electronic security and thoughtful analysis and potential opportunity understanding than it did even a few years ago.

The changes that this technology brought to individual analysis processes has been incredibly significant, however the revolution will really occur once the digital cyber inter-connectivity is fully employed.

All of these issues need to be understood and engaged with at an individual through to a senior management level and this certainly includes those who are not necessarily completely engaged with IT issues as aspects of this change will affect all individuals, their social engagement as well as their working and national life no matter what type of work, research or social life they are part of.

The Creation of Cyberspace

Introduction

The sheer growth of the Internet in such a short space of time has been quite incredible. Back in the 1980s only a few academics and scientists knew of the Internet, but now it has an audience and users in the billions. It has changed the way we think and act. It has attempted to alter many areas of warfare, social society, commercial operations, crime, to national and cross border communications and certainly all areas of security.

Part 1 History and Background

The previous relevant revolution from Agricultural to 1st, 2nd and 3rd Industrial Revolutions will be analysed for the ways in which they changed society, jobs, individual perceptions, geo-politics, security and macro-economics.

This will then be followed by a review of the history building towards the 4th Industrial Revolution and a discussion of the history of cyber technology, beginning with Charles Babbage and his ideas and thoughts on computing and his designs for the Analytical Engine.

During the 2nd World War Bletchley Park began the physical development and broke the Enigma code being used by Germany. Later the development of electronic computers in the 1950s and the development of packet networks which was the creation of a number of science laboratories and universities in the US, France and the UK.

Part 2 Government Involvement in Cyber Security and Commercial Opportunities

The advance of digital technology and the greater access to personal and corporate information and data has created a global black market for stolen data and personal private information. As a result the improved hacking and information theft has affected all sectors of the global economy.

Today over a third of the world’s population of seven billions uses the Internet and this usage has grown by over twenty times in a decade. And the issues that need to be understood and engaged with have grown from an electronic and computing technical understanding to one of planning, strategy and tactics by everyone from a government down to an individual level.

The concepts of Cyber and CyberSpace are used to describe the systems and services directly or indirectly connected to the Internet, telecommunication systems, the Web and all the inter-connected electronic and computer networks.

From a government, intelligence agency and border policing perspective the strategy required to deal with CyberSpace has some historic similarities to the way in which oceans were used by nations and groups for inter-national exploration, research, trade, military and naval attacks and piracy. The oceans have similarities in this model to the current Internet and the Web is similar to trade routes and the piracy, which was used on the trade routes as hacking is now used on the Web and across different aspects of the Internet. Piracy was also used by governments, who often called it privateering, as well as by groups of independent pirates.

Piracy was gradually contained and finally internationally significantly reduced, but this process took a very long time.

It required government agreements, extensive intelligence analysis and naval engagement before the reduction of piracy was achieved. However, this extended process took centuries to accomplish real success and finally significant aspects of it were outlawed by the Peace of Westphalia and put into international treaties by the Declaration of Paris in 1856.

And in the 20th century, when the invention of aeroplanes changed many national views on international air space, it came to governments and corporates to review and legalize international flights. The process of agreements on across border flights, although sometimes difficult was far more effective and faster as a process than the time shipping and piracy agreements had taken. A similar type of process is needed by current governments to achieve Cyber agreements and to reduce the costs of Cyber-crime.

Not only did these historic agreements alter commerce and international trade economics, they also changed the ways in which secret intelligence organisations operated in the new environment.

We have gone, in a relatively short space of time, from senior politicians and ministers of state saying that government’s don’t read a ‘Gentlemen’s mail’, to Snowden’s ‘revelations’ that government’s do occasionally review your social network profile, and they do occasionally read your email. Yet openly they have claimed that they don’t.

Part 3 CyberScape – The Growing Influence of Cyber

Cyber issues have entered most of the areas of any organisation’s systems and often, routine working methods and communications. Therefore, the whole operational process requires far more strategic management involvement and much more sophisticated Cyber security engagement from very senior levels of an organisation’s management. The process also requires far more technical planning and precise tactical understanding than these issues did even a few years ago.

In manufacturing for instance a number of remarkable technologies are converging from sophisticated software, innovative materials, robotic manufacture, cognitive computing and pioneering industrial processes, one example of which is three-dimensional printing and where these areas interconnect with an organisation’s IT systems which might give hackers ways into the organisation’s private data and copyrights.

Part 4 Cyber Threat – Denial to Hacks

The Cyber-threat landscape has also significantly evolved in recent years moving from a denial of service and website disruption to far more advanced hacking. Hackers (Hackers are named as such in the IT security arena as someone attempting to steal and or exploit weaknesses in a computer system or network) are now using sophisticated and more complex technologies to achieve data, financial and political benefit.

This new global revolution has influenced almost all aspects of modern society and has opened a mass of new developments and opportunities. It has created a knowledge society that personalises many areas of the economy and across markets it is changing jobs and specialisations and globally it is substantially increasing our ability to use enormous amounts of data and knowledge.

Part 5 – Cyber Opportunities

A series of global market and political opportunities will be analysed and reviewed including Global Market Assessment, Commercial Cyber Opportunities, Law Enforcement Cyber-crime prevention, Cyber-crime analysis and Cyber opportunities that can be used to reduce crime and profile the criminals.

Other Cyber areas that will be reviewed such as Cyber Propaganda, Cyber Press and Public Relations, Social Networking analysis, Cognitive Computing and Cloud Computing.

Cloud Computing

Cloud Computing defines a model of networked computer power where an application, or program, runs on a series of connected servers rather than on a single local computing device such as a Mac or PC.

  • Cloud computing is often considered a significant landscape-altering technology that is enjoying increasing rates of adoption and implementation, however companies often engage with the Cloud without taking sufficient risk management precautions.
  • Cloud Computing has the potential to not only become a defining technology of the twenty-first century, but also as defining utility, just as electricity was for the twentieth.
  • Cloud Computing is a multitude of services that are usually provided over the Internet on a usage or metered basis. Cloud Computing involves the sale of computer software and hardware as services, which an organisation can rent instead of purchase.

The Cloud is run and sustained by cloud service providers through a network of server farms, which offer their subscriber’s unlimited availability and data storage, along with seamless access to software, applications provisioning, and automatic upgrades.

Cloud Computing architecture comprises of four rising distinct layers and we will begin with the base.

  • First there are the physical resources the computer hardware and hosting platforms and network connections.
  • Second there are the systems management tools, which form the infrastructure as a service layer. These are typically data centres and virtualization technology is used to maximise the use of physical resources, applications and the quality of service.
  • Third above is the platform as a service (PaaS), which binds all the middleware tools.
  • Fourth at the top are the user-level applications such as social networks and scientific models that are hosted in the software as a service layer (SaaS).

However, perhaps the biggest concerns about Cloud Computing are still the security and privacy issues.

The idea of handing over important data to another company rightly worries some people. Corporate executives might hesitate to take advantage of a Cloud Computing System because they cannot be sure of their company's information security.

Some of the security questions regarding Cloud Computing are more philosophical. Does the user or company subscribing to the Cloud Computing service own the data? Does the Cloud Computing system, which provides the actual storage space, own it? Is it possible for a Cloud Computing company to deny a client access to that client's data? Several companies, law firms and universities are debating these and other questions about the nature of Cloud Computing.

There's a growing concern in the IT industry about how Cloud Computing could impact the business of computer maintenance and repair. If companies switch to using streamlined computer systems, they'll have fewer IT needs. Some industry experts believe that the need for IT jobs will migrate to the back end of the Cloud Computing System.

The pressure on the CIO not only to deliver a successful migration, but also to accurately predict the financial benefits of the move, is enormous. Rather than focusing on a simplistic cost comparison between two completely incomparable models, IT managers will be helped to build a more compelling case for Cloud.

Part 6 Innovational Effects on Government, Commerce, Individuals, Society and Culture

The changes to security will progress as even more aspects of cognitive computing and robotics are put to use in different areas of government, policing, commerce and the personal economy. And on the personal level Cyber is beginning to alter the way we consider individual identity, our traditional concepts of hierarchy, beliefs and nationality.

New research and planning is therefore required to meet the rapidly emerging criminal opportunities, challenges and threats from broadband technology, networks and the response required for Cyber security to effectively operate.

From a security perspective the range and number of targeted Cyber-attacks continues to climb steeply and any individual or organisation can be the goal. While opportunistic mass hacking attacks are still being used, targeted attacks are showing much higher growth rates, as they potentially provide much greater gains for the attackers.

The UK government’s assessment puts intellectual property theft and espionage as the most damaging and costly criminal activities. However online theft, fraud, identity theft and data loss cost millions every year. UK research suggests that over eighty-three percent of large companies and sixty-four percent of small businesses reported data breaches in 2014.

Hackers are now subtly going to greater lengths to personalise their exploits in order get people to drop their guard and get them to believe that the fake email, with attached malware, is genuine. Increasingly these Cyber exploits are becoming successful.

The attack process is becoming easier as there is a growing amount of information provided by individuals and organisations about themselves, and this is often now available online, particularly in professional and social networking sites.

Part 7 Government and Terrorist Cyber Attacks and War

The interconnectivity of Cyberspace, its reach, structure and sophistication has significantly changed some of the concepts of national security, geo-politics and global trade.

And so the availability and rapid dissemination of high-speed digital networks and the lessons from Cyber-attacks have also recently caused some 21-century policy makers to prioritise Cyber Warfare security making Cyber the forth, or fifth, part of Western military structures alongside the Army, Navy, Air Force and some military operations in Space.

In the corporate area security software and hardware have been found to have increasing vulnerabilities due to the lack of its strategic design. And many IT systems have very ineffective anti-hacking codes and overall security standards that are not being taken as seriously as they should and they are not yet effectively employed.

At best CyberSecurity solutions are dynamic and adaptable, with minimal impact on network performance. In contrast, we see other approaches such as national-level filters and firewalls. These often provide only an illusion of security while hampering the effectiveness and growth of the Internet as an open, interoperable, secure, and reliable medium of exchange.

For most people the same is true commercially; Cyberspace for should remain at a level playing field that rewards innovation, entrepreneurship, and industriousness and it should not be a venue where states arbi¬trarily disrupt the free flow of information to create unfair advantage.

Cyber issues now affect everyone from the way their power and electric supplies operates through to their personal identity and banking codes to the research they might do commercially or personally on the Web.

However, the dangers and problems have significantly increased and constant attacks by Cyber criminals, activists, hackers and foreign states trying to steal official and commercial secrets mean cyber-attacks are now ranked on a par with international terrorism as a threat by many governments and some of the large corporates

Part 8 Cyber Strategy

Government

Some of the more sophisticated Cyber threats and attacks come from other States and Nations via their own Government which use Cyber methods to spy on government operations and corporates in order to copy and steal copyright and commercial assets.

Cyber is also used by terrorist operations to spread propaganda, raise funds, operate their tactical command structures and to engage with communications.

Cyber has now become the new aspect to Military operations for many governments and so after the army, navy and air force we now have Cyber commands.
 
Corporate 

Cyber security needs to be a Main Board strategic concern and a team that includes the CIO/IT Director must report directly to the main board. An independent team must also be used to review and randomly check processes and procedures and data on a regular basis and this team should be independent of the IT department and its day-to-day operations. It should act as an independent audit team.

This independent team should be reviewed by the Board and by internal IT management and the changes should be incorporated within the strategy and tactics.

Cybersecurity needs to be a understood at the highest levels of all organisations and should be significant strategic concern. To help counter the attacks and threats Security Risks Teams should be formed that include the CIO, Strategy, IT and Development Directors and a team of independent analysts who should regularly report about Cyber directly to the CEO and Main Board.

From a security viewpoint the independent external team must also be used to review and randomly check processes and procedures and data on a regular basis. The teams used would be similar to the Annual Financial Audits and this Cyber Security Audits Team should be independent of the IT department and its day-to-day operations.

It should act as an independent audit team on an irregular basis throughout the year and it should use white hat hackers to delve deep into the electronic systems looking for current and potential problems. This team should frequently report to the Board on changes of security and should produce current Cyber Reports.

Most importantly, an internal and external product/service development team should frequently review Cyber opportunities and these should be reported to the Board and changes incorporated within the organisation’s strategy and tactics.

The Board should also separately discuss worst-case scenarios with the CIO/IT Director and reviews should independently take place using outside consultants as Cyber-crime is costing businesses around the world over $300 billion a year.

« Blockchain & Cryptocurrency May Soon Underpin Cloud Storage
Fake News Is A Cybesecurity Threat For Businesses »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

softScheck

softScheck

softScheck is an IT security consultancy. Services range from pentesting and compliance testing to security auditing of software and IT infrastructure.

APWG

APWG

APWG is the international coalition unifying the global response to cybercrime across industry, government, law-enforcement and NGO communities.

Atos

Atos

Atos provides a unique Cyber Security end to end solution with a data-centric and pre-emptive security approach.

MerlinCryption

MerlinCryption

MerlinCryption develops infrastructure security software, delivering advanced encryption, authentication, and random data generators, for Cloud, VoIP, eCommerce, M2M, and USB hardware.

Niagara Networks

Niagara Networks

Niagara Networks is a Network Visibility industry leader, with emphasis in 1/10/40/100 Gigabit systems and mission-critical IT and security appliances.

Proficio

Proficio

Proficio is a world-class Managed Security Service Provider providing managed detection and response solutions, 24×7 security monitoring and advanced data breach prevention services worldwide.

Slovenian Digital Coalition

Slovenian Digital Coalition

Slovenian Digital Coalition is a coalition working in the field of smart cities, e-commerce, e-skills, e-inclusion, cyber security, internet and other areas related to developing the digital society.

Elysium Analytics

Elysium Analytics

Elysium Cognitive Security Analytics delivers the latest and most flexible security system to reduce cost and complexity while providing unmatched scalability.

Tapestry Technologies

Tapestry Technologies

Tapestry Technologies supports the Department of Defense in shaping its approach to cybersecurity.

OWN

OWN

OWN (formerly SEKOIA) is a major French player in cybersecurity providing tailor-made, informed and adapted cyber support thanks to its DNA of passionate and committed experts.

Informatics International

Informatics International

Informatics is a leading ICT provider in Sri Lanka, providing cutting-edge software & infrastructure solutions and services including cyber security.

Accops Systems

Accops Systems

Accops enables secure and instant remote access to business applications from any device and network, ensuring compliant enterprise mobility.

ICS

ICS

ICS is a leading provider of outsourced IT services, cybersecurity, communications, and distributed workforce solutions throughout the US.

Rhodian Group

Rhodian Group

Rhodian Group (formerly Adar) specialize in providing Technology, Cybersecurity, and Compliance services to the insurance industry.

Salus Cyber

Salus Cyber

Salus is a provider of world-class cyber security services, enabling our clients to identify and manage their cyber risks proactively and effectively.

OneStep Group

OneStep Group

OneStep Group are a leading Australian provider of information and communications technology (ICT) services, connecting businesses through technology solutions and support.