The stakes “can’t be higher”: CISA chief talks about future technical challenges

Heads of the U.S. Cyber ​​Security & Infrastructure Security Agency (CISA) need to instill design security in software development to protect society from cyberattacks as technology becomes a major part of everyday life. Warns that an innovative way of thinking is needed.

CISA Director Jen Eastary said it is important to focus on today’s cybersecurity issues, but it is also important to think about tomorrow’s challenges.

“Especially in the areas of technology and cybersecurity, stakes for the next decade will never be higher,” she said, focusing on the top-priority values ​​that must support cyber defense over the next decade. I warned that guessing is “important”.

look: Cybersecurity Victory Strategy (ZDNet Special Report)

In addition to the current challenges facing cybersecurity, such as ransomware and supply chain attacks, new technologies can pose new threats. For example, the rise of smart cities connected to the Internet of Things (IoT) is used daily by cybercriminals and other hostile attackers unless these cities are properly designed from the beginning. It may provide a direct means of interrupting or tampering with the service.

But cybersecurity wasn’t the only challenge Easternly pointed out. He pointed out that democracies need to defeat the authoritarian regime and ensure to defeat tomorrow’s basic technology, facial recognition challenges, crypto-related quantum computer competition, and the growth of artificial intelligence. Intelligence and the destruction of the Internet.

“Emerging technologies today define the shape of tomorrow’s world and truly determine whether the post-WWII liberal world order will survive or survive more optimistically for the next decade. Claiming that it can be done is not an exaggeration in my view. As a like-minded democratic nation, we will continue to prosper. “

“Will we lead the development of smart technologies and the growth of smart cities in ways that are not only secure by design, but also designed for privacy by design?” Held in Newport, Wales. At the Cyber ​​UK conference at the National Cyber ​​Security Center (NCSC), we spoke on video and asked Easter.

The same is true for software and supply chains. Many major cybersecurity incidents begin with newly discovered zero-day cybersecurity vulnerabilities. Once these are disclosed, patches will be available, but organizations will take longer to deploy patches and may be vulnerable to attackers.

By implementing design security, which is the process of building applications and software with cybersecurity in mind first, technology becomes safer and more secure against cyberattacks.

“We will eventually work together to lead the effort to shape the technology ecosystem, and the software, systems, networks, and the supply chain that underpins them all will be safer and more resilient than they were designed 10 years from now. Isn’t a serious intrusion or a new serious zero-day vulnerability an exception and standard? ”Easterly said – this reality is possible, but only through collaborative efforts. Emphasized.

“The answer to all these questions must certainly be yes, but it is our alliance, to a global standard that reflects the core values ​​we value and bind us across the country. Only if you are willing to invest in people, together, “she added.

Cyber ​​security details

Source link