Building Secure, Resilient Architectures for Cyber Mission Assurance

Abstract:

The severity of cyber attacks can include disrupting armies, global supply chains, or online systems. Such attacks are realistically not 100% preventable, and so systems should be designed with “resilience” in mind: the ability to operate despite a cyber attack. These ideas are beginning to be recognized by governments, but this is easier said than done, with complications including design, execution, and funding, as well as changing our current mindset when approaching cybersecurity.

To improve resilience, multiple methods that protect against and detect attacks must be implemented, so that when one method fails, the whole system isn’t compromised. It is also not enough to assume that any enemy that breaches a system can be detected, and so “adversarial success must be assumed.” To accomplish these goals, a variety of techniques should be utilized, from monitoring activity to deterring such activity. Each technique has multiple avenues for accomplishing its goals. A single architecture that aims to achieve all of these goals is doomed to fail. As such, multiple structures should be operating, and while they may not be as effective as a single architecture at any single task, they can perform well in other metrics.

In addition to the above methods, an effort should be made to virtualize the infrastructure and its levers. While this comes at the cost of greater vulnerability at certain points in time, it adds agility in quickly adjusting the infrastructure to any problem that arises. Alongside this, virtual systems can be replicated and can easily incorporate additional elements in order to have a more diverse set of tools to deal with incoming attacks.

A myriad of mechanisms can further help in preventing cyber attacks. These range from diverse structures, which discourage cyber attacks through their increased complexity, to deception: mechanisms that confuse or redirect the focus of a cyber attack, or outright discourage attempts to mount one. Honeypot techniques are also important in being able to discern the means and intent behind a cyber attack.

Any cyber attack favors the offensive entity, and while that means that preventing or stopping all cyber attacks is infeasible, resilient systems stand a better chance of remaining reliable. Such reliability can only come from progressive changes in how our systems are designed, changes that are critical to the success of critical operations.

Author:
Harriet G. Goldman
Year:
2010
MIT Political Science
ECIR
GSS