Cybersecurity is quickly reaching front and center among businesses and governments alike, as teenage hactivists join forces with anarcho-hacker societies, organized criminal groups look into the cyberspace market, and state-run cyberspying campaigns continue to snoop around sensitive networks.
For these reasons, some of the top names in the cybersecurity industry converged at Queen’s University Belfast in March for the Second World Cyber Security Summit. After a series of brainstorming sessions, they composed a new strategy to secure global computer systems from the new flurry of cyber-criminals.
The discussions were not just empty talk, and with the Cybersecurity Act of 2012 being shot down in the U.S. Senate last week, elements from this new strategy could instead lay the grounds for cybersecurity’s future. Attendees ranged from the director of the Cyber Security Division Director at U.S. Homeland Security, Dr. Douglas Maughan, to the CEOs and CTOs of top players in the market of anti-virus software.
“This report is setting out a vision for the type of research required to solve cyber security challenges over the coming years,” said David Crozier, technical marketing manager of Queens University Belfast’s Centre for Secure Information Technologies (CSIT), via email.
Crozier added that since this is more of a roadmap of where cybersecurity should go next, the technology for this does not yet exist.
“The roadmap will inspire the research which ultimately will lead to some of the technological challenges being solved and brought to market by companies who license the intellectual property generated,” Crozier said, noting that it could take between 5 and 15 years to see the systems fully developed and on the field.
The two main areas of focus were mobile devices—given that more users are browsing the Web with tablets and smartphones—and guarding critical utility systems where cyber-attacks could have devastating consequences.
Crozier said this focus isn’t without good reason, and “well published trends and statistics show a sustained shift from desktop computing to mobile devices as end-user’s preferred method of accessing the Internet and engaging online.” The number of mobile devices connecting to the Internet is estimated to grow to 50 billion by 2020, he said.
“This presents both huge opportunities and huge risks from a cybersecurity perspective,” he said. “These opportunities and risks present many technological challenges which need to be researched. As a research institution our lifeblood is represented by these complex challenges which need to be solved.”
The report also lays out two strategies for doing this. The first echoes Pentagon plans for developing nature-inspired systems that can adapt and quickly respond to new attacks. The other is growing cybersecurity research into a multi-headed hydra that can address all facets of cybercrime at once.
Crozier elaborated on this a bit, noting that nature-inspired cybersecurity “refers to analyzing how natural organisms choose to defend themselves against attack from known and unknown threats and predators,” then building new algorithms to defend against these threats. This is also known as biomimicry or biomimetics.
The multi-headed approach takes this another step further—breaking from the concept that cyberthreats can be addressed through a single approach.
Regarding the overall plan, Crozier said, “Cybercrime is no different to ordinary crime in that there are many innocent victims, its effects cost many billions of pounds and the perpetrators adapt and alter the techniques they use constantly.”
“CSIT’s vision is to establish itself as a global thought leader in cyber security technologies by linking with industry, academia and government to combat emerging cyber threats, through the creation of innovative and world-leading technology,” he said.
