There are many challenges in cybersecurity. Most challenges are due to adversaries that continue to innovate and create new means of breaking into systems. But other challenges come from leaders who do not learn the lessons from history. We have called that problem cyber threat amnesia, the observed tendency of any organization to forget the cyber threat exists as soon as they remediate their current issue.
One of the cures of cyber threat amnesia is education. By informing future leaders of what is going on today and what has happened in the past we can help ensure cyber threat amnesia is minimized.
I have suffered from cyber threat amnesia myself. After years as an intelligence officer where I learned of the threat of foreign espionage I paid little attention when I heard stories of the Hanover Hackers, for example. That was some wild stuff but I sure was glad someone else took care of that. Much later I was working on the Joint Staff, and an associate told me about something called Eligible Receiver 97. I was amazed to hear that penetration testers had proven that they could get from the open Internet to sensitive DoD networks. My response was something like "Wow that is serious, I'm so glad someone else is taking care of that." I was demonstrating the very human condition of hopefulness and desire that everything would be ok if I just ignore it. Bad mistake on my part, and it is a mistake I share in the hopes that others don't make it as bad as I did.
Anyway, from there I was part of a small team that was stood up to work cyber issues for DoD, we were the first military command with authority to order action in DoD networks, the Joint Task Force for Computer Network Defense (JTF-CND). We would later evolve to take over operational responsibilities for many key cyber attack activities (JTF-CNO) and then evolve to have even more operational authorities as JTF-GNO.
JTF-CND was the forerunner to what would later become US Cyber Command, which is now on track to become a unified command, a statement of the importance of cyber to military missions.
We worked issues that should be known throughout the military and cyber defense teams in industry. Operations like Moonlight Maze and the major virus and botnet attacks were all handled by JTF-CND.
This summer marked the 20th anniversary of ER97, the event that kicked off DoD's focus on things cyber and led to the creation of JTF-CND and Cyber Command.
On 10 October 2017 a special workshop will focus on the events of 97 and 98, including Eligible Receiver, Solar Sunrise and Moonlight Maze. Organizers include the original commander of JTF-CND, retired General John Campbell. Speakers include Rob Joyce, the current White House Cybersecurity Coordinator, Dr. Thomas Rid, and Dr. John Hamre.
Topics include not just the examination of the past, but a contextualized assessment of the current state of cyber operations and a focus on how the future should shape our actions today.
For more information and to register see: Cyber At The Crossroads
Latest posts by Bob Gourley
- All Enterprise Techies Should Watch HBO’s SciFi Epic Westworld: It will help us dialog over shared experiences on what we will not be creating - April 22, 2018
- Global Cyber Alliance Release: Perhaps the most important of the 2018 RSA Conference Season - April 19, 2018
- Fingbox: Giving you something you need now more than ever, awareness and control over your home network - April 17, 2018