Page 56 - Cyber Warnings
P. 56
White House expert: 'The threats are bigger than they've ever
been'
By Alex Lating, Product Marketing Manager, Hexis Cyber Solutions
MIT Technology Review recently published a fascinating interview with Greg Shannon, the
assistant director for cybersecurity strategy for the Obama administration's Office of Science
and Technology Policy.
Shannon's credentials include being chief scientist at
Carnegie Mellon University's Software Engineering
Institute.
He's someone worth listening to. Let's examine some
of the most interesting points he raised.
Lucrative rewards drive cybercrime
In the report entitled “Why We’re So Vulnerable,”
Shannon covered some ground that cybersecurity
pros are already familiar with. For instance, he cites the dynamic that despite millions being
spent on cybersecurity, it's just a matter of time until the next giant data breach.
That's because the loot - nearly-priceless information, leverage for ransomware attacks, etc. - is
worth the time and treasure criminals and rogue nation-states put into attack strategies.
Shannon told MIT Technology Review that the value of online information has been growing
exponentially - along with "the incentives to exploit systems and steal data."
What's more interesting is Shannon's prescription for fixing security gaps: building better code
from the ground up.
That's easy to say, but he estimates it will take as many as 20 years for software to be
universally built with security best practices in mind. So what are organizations supposed to do
in the meantime to protect their incredibly valuable data?
Code it like NASA
There may only be one organization taking the necessary precautions needed to prevent breach
- NASA.
"They are building code that must work for years and from millions of miles away," Shannon told
a senior writer for the MIT publication. "They have highly formal methods and use well-
controlled tools and special engineering to make absolutely sure that the software is reliable and
bug-free."
56 Cyber Warnings E-Magazine – February 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
