creating a cybersecurity commons - dbray
DESCRIPTION
Creating a Cybersecurity Commons - presentation by Dr. David A. Bray. http://dbray.org | @fcc_cio Given at the University of Oxford's Oxford Martin Global Cyber Security Capacity Centre formal opening on 25 Nov 2013.TRANSCRIPT
Creating a Cybersecurity Commons
1995 Visualization of Earth's City Lights from http://visibleearth.nasa.gov/view.php?id=55167
2010 Visualization of Facebook Friends from https://www.facebook.com/note.php?note_id=469716398919
Why a Commons Matters
2013 http://allthingsd.com/20131120/how-somebody-forced-the-worlds-internet-traffic-through-belarus-and-iceland/
1. Do you know through
what nations your
internet traffic is being
routed?
Border Gateway
Protocol and Global
Routing Tables by
design are unsecure.
Why a Commons Matters
2013 http://allthingsd.com/20131120/how-somebody-forced-the-worlds-internet-traffic-through-belarus-and-iceland/
2. Rise of cybercrime
and spearfishing “data
extortion” attacks on
members of the public.
Cybersecurity 80%
humans, 20%
technology; how do we
to help the innocent?
Why a Commons Matters
3. Our public lives,
health, and wellbeing
connect increasingly
direct to the internet.
What happens when the
“internet of things” is
embodied in our bodies
and attacked en masse?
How a Commons Would Work
1. Every node a sensor:
near real-time machine-
to-machine exchanges
at massive scale.
Known participants
volunteer to share
anonymously any
attacks they observe.
How a Commons Would Work
2. Akin to “fire alarms”:
trusted commons shares
alerts and patterns to all,
can triangulate activities.
Known participants
receive back group’s
collective intelligence
enabling early warnings.
How a Commons Would Work
3. Foundation for cures:
real-time longitudal data
research base for fixes
and cyber interventions.
Trusted commons could
distribute patches or
recommend changes to
thwart attacks.
What a Commons Would Benefit
1. Private sector:
Anonymous reporting by
known entities protects
private sector firms from
reputation concerns or
lawsuits stemming from
disclosure of an attack
or lost of data.
What a Commons Would Benefit
2. Non-Profits:
Expands niche for
“cyber watchdogs”; also
often lack the capital for
necessary cybersecurity
defenses, can benefit
from the collective
intelligence of others.
What a Commons Would Benefit
3. Public:
Could also contribute in
the commons by
voluntarily downloading
an open source app to
report attacks on a
devices in return for
hardening its security.