Three Questions with Michael Daly
Editor’s Note: Michael Daly is the chief technology officer for intelligence and information systems at Raytheon. During GMF’s side event to the official NATO meeting of heads of state and government, Michael spoke on the panel “Dealing with Conflict by other Means — Cyber, Terrorism, and Information Warfare.”
Q: Why are public private partnerships so important in addressing cyber security issues? How can public private partnerships be leveraged to make societies more aware and take cyber security issues more seriously?
Michael Daly: Cyber security requires the public and private sectors working together to maintain a resilient Internet fabric. There are several reasons why public-private partnerships are important to address cyber security issues.
First, the vast majority of critical infrastructure (typically, it is estimated at around 85 percent) is owned and operated by the private sector. This means that for a nation to be resilient, it is the private sector that must act.
Second, the majority of Internet infrastructure is owned and operated by the private sector. Again, to identify, screen out, and respond to cyber threats, it is the private sector that must act.
Third, cyber threats rarely launch directly from attackers’ computers but instead are launched from other compromised computers. Again, it is the private sector where these compromised computers frequently are found. In this area also, the private sector must be vigilant and take action to prevent misuse and propagation, and be engaged to identify the criminals and hold them accountable.
Q: What are concrete steps law enforcement agencies can take to treat cyber warfare as a crime?
Michael Daly: There are few, if any, communities in which cyber-crime is currently treated as a crime unless the damage is determined to be “significant.” Parking tickets for leaving your meter unpaid for five minutes are more likely than even a fine should you compromise a thousand of your neighbors’ computers. This is largely because we have been conditioned to not report viruses and malware as a crime.
Cyber warfare has started already with the infection of tens of thousands (even millions) of computers and devices around the world that will be used, when our adversaries need them, to penetrate and disrupt national security systems, critical infrastructure, national security supply chains, and key individuals. Law enforcement agencies need to be scaled up and equipped to address cyber-crime at the local level, just as we do with simple enforcements like parking tickets. They cannot do this on their own, of course. It will take a public-private partnership to bring the right expertise to address the effort at such a large scale. But, the problem of cyber-crime, and the related issue of cyber warfare, will not be resolved until it is addressed before the issues are deemed significant and focused action is taken.
Q: What steps should an international security organization such as NATO do to move from being an analogue player to becoming an active player in the cyber field?
Michael Daly: NATO has started with cross-CERT coordination with the EU and its other partners and, of course, the alliance has begun to apply rigor to the cybersecurity of the NATO infrastructure. NATO should be further able to help by conducting and sharing threat intelligence activities to identify the intentions, actions, and indicators of cyber threat actors. The alliance can also develop incident response plans to help its member nations remain resilient collectively. Perhaps most importantly, NATO should strengthen its ties to the cyber law enforcement communities of its members so early warning of adverse or threatening cyber activity can be achieved and shared.