Defense More Effective Than Offense in Curbing Nation State Threat Actors

Written by

The effectiveness of offensive capabilities in deterring nation state actors was discussed by a panel during the recent ‘RSAC 365 Innovation Showcase: Cyber Deterrence’ webinar.

Chair of the session, Jonathan Luff, co-founder at Cylon, observed that now is the ideal time to be asking if and when offensive strikes should be used following the Russian state-backed SolarWinds attacks at the end of last year, as well as the inauguration of newly-elected President Joe Biden this week. Luff noted: “The new administration has already made clear it intends to make cyber a huge priority.”

Ciaran Martin, former CEO at the National Cyber Security Centre (NCSC) in the UK, began by arguing that while offensive cyber-actions can be useful against certain types of enemies, they will not deter incidents like SolarWinds. He highlighted the UK’s successful cyber-strikes against the Islamic State back in 2018, which hindered its operations and made it harder for it to radicalize people online. However, he does not believe it would have such a positive effect in preventing cyber-attacks emanating from countries such as Russia and China. “If you knock off the six o’clock news in Moscow who’s that going to deter?” he asked.

He added that the nature of the threat China poses to the West is different to that of Russia, with its bid for technological supremacy an “existential” danger. This means there is now a clash between societies with free and open technologies and those that are authoritarian. Martin commented: “You certainly don’t counter that with cyber-attacks or by Trumpian sanctions; you counter it by innovation.”

Sian John, EMEA director, cybersecurity policy at Microsoft, said that the tech giant’s main priority in dealing with the cyber-threats posed is innovating around threat, detection and response capabilities. “We’re definitely on the defense side of that approach,” she added. More broadly, to keep the free and open internet secure, she highlighted the importance of tech companies collaborating more closely “to try and get ahead of the threat.”

The panel agreed that the role of cybersecurity startups will be vital in the development of more innovative defensive solutions going forward. Itxaso del Palacio, partner at investment firm Norton Capital, believes the challenges to organizations posed by the rapid shifts to home working and adoption of the cloud has increased the importance of startups in this space. This has, in turn, already led to more innovative solutions becoming available. “That has accelerated the need to manage and monitor these multi-cloud solutions,” she stated.

Concluding the discussion, the panellists offered reasons for positivity in relation to making the open internet more secure over the coming decade. These include an increased focus by security companies on tackling the evolving ransomware threat and the use of automation to detect dangers quickly. More generally, John said she is “really excited by the move to build privacy and security in by design rather than it being a bolt on.”  

What’s hot on Infosecurity Magazine?