Opening Black Hat USA in Las Vegas, Jeff Moss, took note on the collision of politics and cyber-defence. He mentioned that world events “have caught up with us and we’re being tested.”
Politics and Cyber-Defence
With this in mind, if offence is nothing more than a technical venture, defence is “largely political” in terms of cost, strategy and the defendant in question.
“I believe the technology we are delivering favours offence, the machine learning, the reinforcing algorithms, so the momentum is on offense, but in defence, we’re stuck with politics,” he said. What’s more, Moss claimed that a culture must be built for defence. Offence, on the other hand, is more present.
“What are the political issues we’re facing? GDPR compliance is pretty political, you cannot twiddle a router and fix GDPR,” he said. “Soon we might have a California law to deal with and more third-party agreements as we move more and more to the cloud, [and] that’s a political decision, too.”
“If you look at some of the problems Facebook had with data retention,” he continued, “and Cambridge Analytica got their hands on some data, how do you claw that data back? Who has access to your data and what are they doing with it? Not a technical thing; it sounds more political.”
The Rising Need for Political Models
According to Moss, because of this, business models are running into political models. Say your business model is to “connect the world’s users”. There is a chance that you must face with a government whose model is to “control consent for the stability of society”. As a result, there will be some conflict.
“We’re starting to see that on a global scale,” he said. “That is ratcheting up the tension, and that seems new to me. That is why we are in the final exam stage, where all of these issues are conflating, and they are going to look to us for answers. It’s going to be people in this room who are involved in these conversations. Together we can probably figure this out.”
He went on to say that it feels like the adversaries have strategies while we have tactics, and this is not a good thing. Moss concluded that there are perhaps 20 companies worldwide who are in a position to raise our levels of security and resilience. “I cannot fix the problems in the Microsoft operating system, only Microsoft can do that,” he said. “So, if we politically influence Microsoft to build a better product, that will help everyone on the planet.
Join us for ECC UK
Cloud computing and DevOps represent significant investment opportunities for large enterprise. This will deliver operational efficiencies and significant cost savings. Join us in September for our 9th Cloud, DevOps and Datacentres conference as we bring together hundreds of leading industry speakers, users and suppliers of Cloud to review the latest ground-breaking technological innovations in this space.