Proceedings magazine is a communication tool for the Coast Guard's Marine Safety & Security Council. Each quarterly magazine focuses on a specific theme of interest to the marine industry.
Issue link: https://uscgproceedings.epubxp.com/i/436751
67 Winter 2014 – 2015 Proceedings www.uscg.mil/proceedings success. There is a need to fundamentally change how the Coast Guard understands and operates in cyberspace. Per- sonnel must perform active and ongoing assessments to cre- ate dynamic defenses and collect, process, and disseminate actionable cyber intelligence to support decisions and deci- sion makers at the strategic, operational, and tactical levels of planning and execution. Each of these levels of intelligence supports a different seg- ment leader in an operation or business: ➤ At the strategic level of planning and execution, the focus is on establishing an organization's mission and direction, setting objectives, and developing a plan for how those objectives will be achieved. Solid strategic- level cyber intelligence c a n help foc u s t he leadership on poten- tial long-term cyber threat actors and vec- tors and thereby lead t o m o r e i n f o r m e d planning and resource allocation. • transforms the cyber defense posture from reactive to proactive; • permits a shift from perimeter defense to maneuver operations; • enables an adaptive cyber defense solu- tion, based on a continuous assessment of cyberspace risk and its implications for the mission. Beyond the Network Cybersecurity professionals often do not think about intelligence in a comprehensive way. In fact, when addressing threat intelligence, many professionals focus only on technical/logical aspects. Though this information is useful, the main value of after-the-fact insights into an attack lies in their utility in preventing future, similar, attacks. Tactical cyber intelligence, although necessary, is not suffcient to manage cyber risk. Cyber threats originate with people who are making decisions and acting within a context or environment to achieve certain objectives. Intelli- gence collection, therefore, should consider a range of adver- sary behavior and activity as well as geopolitical, social, industrial, economic, and cultural context. This provides a more comprehensive view of the attack surface and allows organizations to better anticipate and prevent attacks and malicious activity, not just respond to them. Instead of thinking about cyber attacks as events, it might be more useful to consider them as a process, or the end result of a planning and preparation process. That approach implies a need to assess and understand potential adver- saries, maintain situational awareness, and consider how the operating environment and features of our own orga- nization or system might affect an adversary's actions and objectives. Continuous Assessment and Adaptive Mitigation Traditional cybersecurity approaches are static; they rely on flters, frewalls, and other perimeter defenses. Static meth- ods can help defend against known threats, but they are ineffective against new threats and zero-day exploits. They are also insensitive to attack plans, preparations, and pre- incident indicators and warnings. Cyber threats move at network speed, after they have been weaponized and bad actors decide to attack. The only way to gain advantage is by using a continuous cyber intelligence process to anticipate potential threats and take preventive action. Current cyber defense approaches are reactive and only adapt periodically. That posture will result in limited A shipping container was dropped while being off-loaded at a container terminal. Supervisory control and data acquisition systems that are interconnected with port business systems can be hacked, causing malfunctions such as placing containers in the wrong spot or dropping them completely. Photo by Colin K. Work @ Pixstel. A petty offcer tracks a Coast Guard cutter's position on a nauti- cal chart. Navigation systems are critical to operations. Hacking or jamming these systems could sig- nifcantly hamper effective opera- tions. U.S. Coast Guard photo by Petty Offcer Lauren Jorgensen.