Given the recent evolution of attacks, it’s clear that it’s time for us as a country, private industry and corporations to rethink and finally execute a successful cyber strategy. In this article, we interview two distinguished thought leaders who have been tackling this notion from an integrated private sector and government perspective. The thought leadership and candor of these two is not only compelling but practical.
Nicolas M. Chaillan is a successful serial-entrepreneur, software innovator, cyber expert, and now Chief Architect at Cyber.gov at the Department of Homeland Security (DHS). In that capacity, he leads teams creating the future of cyber architecture for the civilian agencies of the U.S. government (USG). After months of hard work in research, strategy sessions, debates, briefings and planning, the strategy template is complete. “Security matters first and compliance second. Compliance does not ensure security. While Cyber.gov is fully mapped to the NIST Cybersecurity Framework and 800-53, it is seeking to secure the U.S. government first and foremost,” states Chaillan.
Israel Martinez, Chairman of the Global Manufacturing ISAO, concurs and adds, “I’ve had the distinct honor and pleasure of working with Nicolas bridging innovation between government and the private sector. Nicolas Chaillan’s leadership is impressive and paramount to the success in defining the Cyber.gov architecture and influencing cyber policy. His ideas are compelling and aligned with the ecosystem of private sector advisors we (Hunter Muller and I) have selected. All are IT executives within HMG Strategy, an independent network of more than 300,000 practitioners.”
While the strategy is sound and validated by many in private sector leadership, some are wondering if successful execution is feasible under the current governance model. The same will be particularly true for private sector companies as organizational leaders realize they also have to implement this new architecture and cyber security strategy in order to survive the current dynamics in escalating threats.
As we analyzed feedback and the cyber threat information across the USG and private sector over the last nine months, at least two revelations became clear 1. Cyber security within the current cyber security frameworks and DNS infrastructure is not sustainable and 2. The cyber security problem will get worse before it gets better. These are evidentiary and mathematical certainties, not just predictions.
The public evidence of compromises from Operation Cloud Hopper to the recent Petya attack demonstrates that we have to completely rethink and update everything we are practicing from the wiring closet to the board room, again.
This article will be the first of a series where we define the problem and then begin to discuss how CISOs can effectively address cyber security Day 1 (current infrastructure response) and Day 2 (future infrastructure strategy). Board room, governance and enterprise risk management evolution will be explored in a separate series of articles by Israel Martinez and Dr. Richard Schroth.
What do recent cyber-attacks reveal?
The “Petya Ransomware” international cyber-attack last week that started in the Ukraine was effective and pervasive -- even the Chernobyl power plant was forced to move radiation-sensing systems to manual modes. The Petya attack, which impacted governments, state power suppliers, telecoms, banks, metro and airport systems, was initially pushed through an accounting software update and then propagated via highly effective phishing campaigns.
Several world-renown firms were impacted, including the advertising firm WPP, Saint-Gobain, Mondelez, DLA Piper, AP Moller-Maersk, Heritage Valley Health System, and many others.
Many are referring to Petya as ransomware while others are equating the attack to WannaCry and implicating hacking tools that were stolen from the National Security Agency (NSA) and leaked online in April by a group known as the Shadow Brokers, according to The New York Times. However, the June 27 attacks are believed to be more widespread and insidious than the May WannaCry attacks.
Most wrongly believe Petya was ransomware, where data is encrypted and there is a demand for payment to regain access. However, closer inspection reveals “Petya is masquerading as ransomware to hide its true intent,” states Chaillan.
“This strain of Petya was clearly designed to disable systems and destroy data,” adds Martinez. “As we (Nicolas and Martinez) connect the dots between private sector and DHS, it appears the ransomware was a ruse to obfuscate the malicious intent to severely impact Ukrainian critical infrastructure systems, much like Black Energy did on December 23, 2015.”
“While this [Petya cyber-attack disguised as ransomware] might seem trivial, this ploy could be the beginning of a new era,” said Chaillan. “An era where a nation can orchestrate a significant cyber-attack, targeting critical infrastructure systems of another nation (an act of war), all while hidden behind the false pretenses of a `money-seeking hacker group’…. this has implications both domestically and for international relations.”
“While it is obvious that better patch management systems and training against spear phishing attacks is warranted, these are outdated and ineffective responses that will not solve the larger problem of an effective cyber strategy,” said Martinez. “For now, we leave you with this question: `What’s next and how does one prioritize?’ In our next article, we will begin to address these questions.”
Israel Martinez, is a member of the HMG Strategy network and Chairman, Global Manufacturing ISAO & CEO, Axon Global, and a contracted member partnered with the Department of Homeland Security, “enhancing the protection of critical infrastructure and government networks and systems that are vital to national security and the nation’s economy,” as well as in private sector.
Nicolas Chaillan is the Chief Architect for Cyber.gov at the U.S. Department of Homeland Security (DHS). Cyber.gov is the DHS Science & Technology (S&T) program that is designing the new cyber security architecture for the civilian.gov agencies. Chaillan is also a serial entrepreneur, software innovator and investor. With over 17 years of experience, Chaillan has sold over 180 products to more than 40 Fortune 500 companies.
(Opinions expressed are personal to Martinez and Chaillan as individuals)To learn more about the latest cyber-attacks and the steps that can be taken to address them, please join the HMG Cyber Alert call with Israel Martinez and Hunter Muller on Wednesday, July 5 at 5 p.m. EST by e-mailing email@example.com. Also, look for our next article in this series regarding how to implement more effective cyber security in the current environment.