Eric Trexler, vice president of Global Governments and Critical Infrastructure Sales – Theatre Lead Company for Forcepoint, recently took part in an Executive Spotlight interview with ExecutiveBiz to discuss the impact that ransomware and malware are having on the future of warfare and our military systems heading into the new year.
Trexler also spoke with ExecutiveBiz about the potential need for a “digital Geneva Convention,” and the challenges cybersecurity poses for citizen life and local government.
You can read the full Executive Spotlight with Eric Trexler below:
ExecutiveBiz: How are cybersecurity and the prevention of cyber attacks becoming a staple of our military systems and arsenals heading into 2022 and beyond? How are malware, ransomware and other forms of attacks impacting the future of warfare and what are the gaps we need to address?
“In my experience, the U.S. military and the world in general are changing much slower than our adversaries. There are a couple rules in cyber: the attacker always has first mover advantage, the attacker gets as many attempts as they want, and the attacker only has to be successful once, which means as cybersecurity defenders, we’re basically set up to fail.
A huge issue is that the Department of Defense has such a wide attack surface. It takes a long time to get people up to speed, coordination across organizations is difficult and complex, and we have finite budgets. We’re just now starting to get into the senior leadership level of people who began their careers with a focus on IT initiatives and cybersecurity. Cyber wasn’t as crucial even a decade ago. The average general officer or senior leader today doesn’t have that direct experience with it.
In cybersecurity, there are gaps on the personnel side of things for sure. There are also gaps in training as well as legacy systems, acquisition and procurement. One of the biggest gaps that we don’t hear about very often is related to risk and prioritization.
For instance, Volvo gave the patent away for seatbelts decades ago so now every car since has that safety standard. For cybersecurity, not everything comes with the basic capabilities in the same way that every car has seat belts, but building an understanding of protection from the start for our digital assets is critical.
Additionally, data is more accessible than ever before. Prior to modern inventions in IT, a spy typically had to be present in order to steal data and gain information from them. There was a lot of risk, a lot of complexity and danger in that mission.
In the modern day, it’s about the number of keystrokes and accessibility. The amount of data available and the ease of use has been well demonstrated with Sunburst, SolarWinds and many other recent hacks that make us take a long and hard look at how we think about data protection in this day and age.
We have massive gaps that we need to address in our systems, and the advantages always go to our adversaries. The federal government hasn’t been looking at this issue from the perspective of how we can protect our data from the beginning.
We’re just now starting to understand how to develop a security by design concept that will help us think about data protection from the start. We need to build security into everything from the very beginning.
Another pivotal component to mention is that we are currently the most digitally connected society in the history of the world. The United States has the most to lose and the most data that we need to protect. We still operate from a strict code of conduct and ethics, and we play by the rules in many ways. Our adversaries don’t operate behind those same restrictions, and it has never been easier to extract our nation’s research and information for their benefit.”
ExecutiveBiz: With cybersecurity not needing to adhere to specific borders and the need for a “digital Geneva Convention” on the table, what are the future challenges that we need to work on with smart cities, AI and machine learning and other technologies continuing to have a significant impact on every aspect of government/civilian life?
“I’ve been in the information technology field for 25 plus years now. There’s a ton of technology that I could speak to, but it was really about a decade ago when we saw the significant uptick in blatant, nation state and malicious activity. If bad actors, whether they are nation state controlled or nation state allowed, were not allowed to operate by the nation states, we wouldn’t have the degree of cyber threats that we have today.
There’s a significant component for diplomacy and financial repercussions, including the concept for a ‘digital Geneva Convention,’ which Brad Smith of Microsoft discusses often. I’m still on the fence because there are always countries that respect the ‘code of conduct’ more than other countries, and I’ve seen that first-hand during my time in the military. The effectiveness of the rules is a major concern but the biggest one to look out for is diplomacy.
I don’t believe that we’re going to see the rate of cyber attacks slow down because without real consequences, there is no risk for those exhibiting bad behaviors. In cybersecurity, there’s a formula known as incentive x opportunity risk = probability of a cyber activity. What’s the treasure that I’m trying to find? What’s the risk that something bad is going to happen to me? Assuming the benefits outweigh the risks, I will likely launch this activity.
In the case of ransomware like what we just saw with the Colonial Pipeline, I’m sure the DarkSide attackers didn’t factor in the risks before the federal government got involved. The risk of consequences was almost zero based on historical responses. Why not launch cyber attacks if you’re not being held to any consequences? The President of the United States getting involved was not factored in. I suspect that it will change targeting models in the future.
We can tear apart all kinds of technology like artificial intelligence and machine learning to help us understand how attackers are coming at our systems and how they think. There’s a heavy reliance on using bot after bot after bot, but it’s got to be more than a technology vs. technology because we’re on the defense. If not, the advantage always goes to our adversary.
As I mentioned, the adversary only needs to be correct once. They have unlimited attempts with virtually no risk at all. If we play the game under those conditions, we have to defend a massive attack surface and the attackers only need to get through once for us to lose big. I don’t believe the answer is cyber on cyber because we don’t have the advantage.”
ExecutiveBiz: What can you tell us about the impact these challenges and changes are having and will have on citizen life? With a third of local governments reporting ransomware issues, how can local and state governments address their vulnerabilities to stop that trend?
“One of the challenges we have is the population of the United States and most free countries love the ease and accessibility of computer capabilities, right? Here in the U.S., computers have made our lives dramatically easier.
I meant what I said earlier that we’ve never been more connected. Some of the things we’ve been able to do with AI, machine learning and robotics. The United States has really embraced the capabilities available to us from turning on lights to the thermostat in your home, but we still haven’t truly understood the technology and addressed the risks. As consumers, we’ve never been more beholden to manufacturers and our government entities for protection.
There’s always the question of privacy and the possibility that your conversations are being listened to by someone across the globe. There are a billion examples of how we’re vulnerable as consumers to our information being used against us because we choose the benefits of technology over the risks all the time.
There are risks that we knowingly ignore because you can’t live in the dark ages with the capabilities on the open market these days. This is still a nation state problem that goes back to diplomacy. We have the capabilities for the FBI, state and local law enforcement, and local authorities that need to be brought up to speed on these types of behaviors. Education may be the most powerful tool to fight negative impacts on the citizens in our communities.
It’s honestly the modern day equivalent of someone breaking into your house and stealing your diaries. What laws are in place? What organizations are in place to prevent those bad behaviors from happening? We’ve created these capabilities for ourselves, but we have to remember there are consequences. Are we even aware of the risks and consequences?
The better we protect ourselves as individuals and communities, the better we can do from a cyber perspective. The least we can do is make things more difficult for our adversaries. Attackers are naturally going to choose the path of least resistance. There are a lot of ways to make our information much harder to obtain. We’re still learning and understanding what we’re willing to accept, but there is hope.”