Staying ahead in the cyber arms race

Head of Cyber, BAE Systems Applied Intelligence Read time: 3 mins
With many countries focusing on developing offensive cyber capability, Dr Mary Haigh examines what needs to be done to stay ahead of adversaries
Global Executive Client Forum blog My Grandma worked at one of the listening stations, Beaumanor, relied on by Bletchley Park in the Second World War.
 
The pioneering code-breaking work which took place at Bletchley Park sparked a revolution in computing and intelligence gathering that underpins my cyber work today. And again we find ourselves in a race, not to break Nazi codes, but to achieve supremacy in the cyber battlefield.
 

A new battlefront emerges

Within the next decade it is reasonable to assume that, for developed nations, offensive cyber will not only be part of weapon systems but will also form part of their defences in fixed and mobile platforms.
 
Offensive cyber will also be a powerful enabler for deception and misinformation. For example, factors like climate change driving global migration are likely to create strong opportunities for creating unrest via some targeted misinformation.
 
We mustn’t forget, though, that it's not just developed nations that will be affected.  Less developed nations, non-state groups and terrorist groups will also find it very attractive.  Compared to large platforms like aircraft, ships and tanks it’s inexpensive and there are very low barriers to entry.
 
This means each nation is going to need its own legal frameworks in which to operate, true to their own values and ethics. And each nation is going to have to have freedom to act and so should consider the development of their own sovereign cyber capability.  The economic benefits of doing so are significant, even in industries outside of the military space.
 
As this arms race accelerates, militaries will need to shift their strategies around three core principles – the interdependencies between offensive and defensive cyber, the need to be secure by design and secure in operation; and the recognition that some penetrations will occur and therefore they need to be ready to respond and recover.
 

A tapestry of interconnections

I read some fascinating research recently on the fungal networks that exist beneath the forest floor. Above ground trees appear separate, distinct and discrete. But below ground the entire forest is connected and interdependent through fungal networks which spread for miles.
 
I think cyber can learn from this. We need to stop thinking of offensive and defensive, friendly nation to friendly nation, army, navy and air as separate and isolated. To have a healthy, strong ecosystem we need to create the linkages – the invisible far reaching fungal network that maintains the health of the whole cyber forest.
 
Take training, for example. Militaries should train offensive and defensive response together in order to recover in the field and as best as possible from attack and possibly counter-attack.  Conversely, if militaries want cyber weaponry to be a useful part of their arsenal, they have to train troops on its usage and the likely retaliations – both offensively and defensively.
 
This requires widespread connections (the fungal network) between services, departments and allied nations, underpinned by things like cross-skilling, sharing resources and combined methodologies, tooling and tradecraft.
 

Secure by design and secure in operation

We can’t design secure platforms and then just sit back and relax – technology changes way too fast.  But we have to do the basics right.
 
Secure architectures, patterns and standards are necessary for fixed, mobile and autonomous platforms.  And militaries have to assess vulnerability regularly on all their technologies and be able to deploy the required mitigations rapidly. This requires a good understanding of what is critical, and what is not, at any point in time.
 
Automation technologies, particularly artificial intelligence, also have a role to play. We don’t have the luxury of a SOC in the back of a fighter jet or a drone, but we must have visibility of what is attacking all our platforms.  In these platforms we need to be able to automatically respond to cyber-attacks and be able to recover ourselves with minimal human input.
 

An unwelcome reality

But even when militaries have done all this they will still get hit by cyber-attacks. Cyber weapons, defences and response plans can be rendered completely useless overnight by potentially one small penetration. This means militaries need to be ready to deal with completely unforeseen and unplanned changes.
 
And let’s not underestimate the step change in agility we need here.
 
Building a new plane or aircraft carrier would probably take 10 years in order for building, testing and deployment to be completed. By contrast, militaries need to be able to do a cyber-defence upgrade in hours if required and should expect to be doing it approximately every month. This is going to mean quite a shift in culture and procurement behaviour, not to mention policies, processes and procedures to enable the necessary speed and flexibility.
 
But this just reiterates why it’s an absolutely fascinating time to be working in cyber. Just like my Grandma before me, I really hope that the work we are doing now will lead to a similar technological leap forward and help propel the growth of our economies in a digital world.  This is a race truly worth winning, and it’s one I’m proud to be part of.
 
About the author
Dr Mary Haigh is Head of Cyber at BAE systems Applied Intelligence 
mary.haigh@baesystems.com
Global Executive Client Forum

Explore more content from our Global Executive Client Forum

Opportunities and challenges associated with Cyber Defence, Digital Transformation and supporting the National Security Mission
Find out more

Recommended reading:

top
Dr Mary Haigh Head of Cyber, BAE Systems Applied Intelligence 22 October 2020