The expertise of Major General Jonathan Shaw in the field of cyber security and defense strategy formed the future of security. The chief speaker of cyber security was the first head of the Cyber Security Defense Program at the British Defense Minister, a pioneering initiative in the field of modern cyber defense. We talked to Jonathan to explore how organizations can strengthen their cyber security, navigate developing threats and build resistance in the era of digital war.
As the head of the Defense Cyber Security program on the Minister of Defense, you have navigated a field that is highly technical and conceptually complex. What was your proud success in this role?
I think it was a transition from someone who knew nothing about Cyber to someone who could speak expertly about the conceptual side of cyber security. Cyber is obviously a deeply technical aspect, but I quickly learned that technical details were not like wider consequences – how cyber technology affects our entire life.
My greatest success was the development of the ability to explain the digital subject in an analogue way, which is meaningful to those who did not understand it. I believe it was my most success.
Cyber safety management requires different approval as a result of the disturbing nature of technology. What in your experience looks like efficient in cyber security and how should the problems that represent this rapidly changing field?
Cyber is fundamentally questionable. It applies to information and, as a result, disrupts the traditional hierarchy now. Organizations are structured in a way that ensures that the manager first receives information, but this is not the case in the cyber world.
Many leaders I met was what I call “cyber tourists” – they had some awareness, but lacked real expertise. This means that the management must change because you cannot wait long for the highest executives to fully understand the result before the measure. Instead, the leadership must seize, train and trust individuals on coal, who often have a much greater understanding of cyber security threats.
This requires a departure from the strict structure of the command from top to bottom to a more decentralized approach. In the army we call this “mission command” rather than “command”. It allows quick decision -making and more agile response to threats.
The organization is facing an ever -increasing threat of computer crime. What are the three best practical steps they can take to protect and build resistance to cyber attacks?
In protecting the discussion, most people focus on shields and blocking mechanisms, but can be used by military analogy. There are several layers of defense in the defense of the vehicle against the attack, and only one of them is a physical shield. The first and most important step is to avoid seeing – stay invisible.
He assumes that cyberspace is inherently uncertain and ACT agreement. If you become highly visible online, you will include your chances to become the goal. Although it is contrary to the advertising needs, it must find a balance. People also have to stop trading with our own privacy for comfort, which is something that many of us were guilty for.
The second step is to accept that you will be attacked at some point. The more successful you are, the more likely you are attacked. Therefore, the preparation is crucial. Create durability, create redundancy and train your team to answer efficiently to break.
The third step is to ensure that your entire supply chain follows strict cyber security protocols. It’s not just about your organization; Third -party vendors often go through injury. Cyber hygiene must exceed your own systems to your partners’ systems. In short: it minimizes your exposure, preparation for attack and ensures that your supply chain keeps high cyber security standards.
Cyberatacks about national infrastructure have the potential to disrupt a large -scale company. To what extent can a national cyber attack affect our daily life?
You don’t have to look for an example of that. The most dramatic case was in 2007, when the Tokes of Russia, on the decision of the Estonian government, to move the statue of a bronze soldier from the center of Tallinn to the cemetery.
As Reaaliation, Russia has launched massive cybernetine, which effectively closed Estonia. They banned banking systems, government operations and media channels, which took care of real estate property for weeks or months.
Interestingly, this attack on Estonia to become a global leader in cyber security. In their responsibility they set up a national unit of cyber defense and cleaned that cyber security is a collective responsibility. Their approach is now considered a proven practice in Europe, not if in the world.
This case emphasizes both the severity of cyber attacks and the importance of national readiness. The main cyberratack can cripple basic services, disrupt communication and have permanent economic endpoints. It is a reminder that cyber security is not just a government result – it affects all.
With a rapid evolving technology, what will be the other main type of cyber attack and what risks we should be aware of?
Cyberspace is inherently uncertain. In fact, the Russians previously penetrated into the NSA database and discovered a back pattern that was intentional built into different systems. Now they have a list of vulnerables they can use. The Solarwinds attack was just one of the examples and we should excite more of these attacks in the future.
Another problem of immondondo is the wrong belief in blockchain technology as a flawless security solution. Many people see it as a panacea, but it is not. Blockchain has a backdoors, previously attacked and contains a zero day injury. The assumption that blockchain is secure automatically secured is simply incorrect.
In the long term, I consider this to be a cultural problem rather than just the cyber security. We are moving from what some call “digital colonialism of the United States” – where the US controlled the development of digital technologies based on Western values - “Chinese digital colonialism”. The Pentagon form of the head of cyber security has recently said that the West has already lost the battle for artificial intelligence and that China will want the future of AI.
This shift will fundamentally change the assumption that the software is developed. When AI becomes more common, we will have to navigate at a time when the software and cyber security framework are formed by various cultural and strategic interests.
How is it likely that a successful cyber attack on the national infrastructure and what factors affect the likelihood of such an event?
If the attackers find out vulnerability, they will use it. The question is not where the national cyber attack is possible- the point is how well we can alleviate damage.
The good news is that the main states avoid direct cyber rollers due to the doctrine of mutual security. If China could take off Britain, Britain could probably be natural. Neith Nation has the motivation to start a cyber attack full of trade, because the consequences would be catastrophic for the part of the stand.
The bad news is that criminal organizations act as representatives for nationals. These non -state groups have no infrastructure that can be focused on retaliation, which makes them a greater threat. Some argue that these groups are indirectly controlled by states, and that may be true.
However, since cyber criminals must work from physical lease, they may still be under pressure. These groups do not work from a different space – it is based in Russia, China, Bulgaria or elsewhere. Governments can and should use diplomatic and economic measures to disrupt their activities.
While the Internet creates a huge offensive surface, it is still possible to save the effect in the real world on cyber criminals. Finally, if the attack is planned, it will probably succeed to some extent, which means that the preparation and alleviation strategy is so important.
If you could give your self one advice, what would it be?
Really nothing to do with cyber security. It would be using opportunities and have more confidence in my proper. Looking back, my greatest regret is not what I did, but the door I didn’t open. Just have more confidence and go on things would make a big difference.
Life is not a test – you have to take control and make the most of it because time is moving quickly. I am 63 years old, and when I did some great thing, I know I could do even more. Now there is always time for sixteen opportunities.
Image from free photos from www.rupixen.com from Pixabay and speakers masters.
This interview with Jonathan Shaw was conductive by Mark Matthews.
Do you want to know more about cyber security and cloud from industry leaders? Check out Cyber Security & Cloud Expo in Amsterdam, California and London.
Explore other upcoming events and webinars with technology and webinars driven Techforge here.