Black Hat:"Saving cyberspace" requires next-level defense focus
The internet will only endure so much abuse before it's irreversibly damaged, Jason Healey said.
At Black Hat 2014, a cyber conflict and security expert asked attendees to contemplate the irreversible damage facing the internet if abuse, such as government surveillance and cyber crime, continue to permeate the space.
Jason Healey's Thursday talk called “Saving Cyberspace,” addressed the uphill battle ahead of the community as it aims to better secure the web. Healey, the director of the cyber statecraft initiative at Washington, D.C.-based think tank Atlantic Council, said that, even from a glass-half-full perspective, the industry has at best fought the bad guys to “stay even.”
“We need to figure out how we can have a cleaner, more resilient internet for the future generation,” Healey said before the crowd.
Furthermore, the future of innovation hinges on “saving” the net, he added, especially in light of Internet of Things (IoT) threats which continue to grow as more devices and technologies become connected.
Referencing smart grid technology, driverless cars and cloud-based services, Healey said that “we can only unlock their innovation if we get security right.”
An integral part of doing that would entail a widespread focus on defensive security or technologies.
“We've got to get [our] defense better than offense, or we're never going to be able to turn this around,” Healey added.
In addition to focusing on building disruptive defensive technologies that work to scale, he said that a private-sector centric approach was needed to stir the progress needed to stay ahead of expanding threats.
On the impact of government surveillance that violates cyber ethics, he said that the trade off for intelligence wasn't worth it.
“We have a digital economy, a digital society…and people in glass infrastructures shouldn't be throwing stones,” Healey said, referencing the precarious position surveillance has put the U.S. in regarding international affairs.
“We are all peeing in the pool and, at some point, we really need to worry about that, if we keep treating [the web] as place for cyber war and cyber crimes,” he said.