Is automation security’s only hope?
- By Matt Leonard
- Sep 14, 2016
As attacks on digital infrastructure continue to cause headaches in both government and the private sector, increased automation can help, security experts said at a Sept. 13 Meritalk cybersecurity workshop. This automation will be especially critical as the Internet of Things takes shape, they said.
“We’re trending toward more machine-to-machine communication,” said Rod Turk, the chief information security officer in the Department of Commerce's Office of Cyber Security, adding that his agency has already begun implementing it. “That will allow us, at machine speed, to react and hopefully see the types of threats that are coming,” he said, explaining that increased automation could help agencies deal with phishing attacks.
As the Air Force improves its cloud capabilities and builds up a larger data lake, automation is becoming a viable option for responses, according to Air Force Maj. Gen. Sarah E. Zabel, the vice director of Defense Information Systems Agency.
Millions of attacks hit the Air Force every day, Zabel said. Thousands of those require some action, and about 10 are considered critical. But the more that response gets shifted away from humans and toward automation, the better, she said, because it would allow the Air Force to “catch more (attacks), and with more certainty.”
Automation can also help with autoresiliance and auto-regeneration within networks, according to Darlene Renee Tarun, the deputy director of the National Security Agency’s Cyber Task Force.
By leveraging technology, she said, agencies can “detect and mitigate a cybersecurity threat against our network before it has negative consequences. But Tarun acknowledged that “sometimes bad things are going to happen in the network.”
The Internet of Things is complicating security. The massive numbers of sensors will create multiple doors for cyber attackers.
The IoT creates a big question mark around security right now, Department of Homeland Security CTO Peter Fonash said. There is no agency responsible for regulating IoT, so manufacturers and attackers are writing their own rules, he added.
Because there is so much uncertainty surrounding the IoT, that security needs to stop being an afterthought, Tarun said. For IoT applications, the security needs to be built in to ensure secure data flow.
Matt Leonard is a former reporter for GCN.