ABOUT NEWRISK LIMITED
  Dr Sally Leivesley
  Catastrophic Risk
  Smart Cities
  Recent Media Commentary
  Contact Newrisk Limited
    - Media Enquiries
     
    SERVICES
  Lectures & Conferences
  Exercises
  The Exercise Group7
  Papers & Publications
  Workshops
  Risk Assessments
  Post Incident Analyses
  Continuity Planning
  Crisis Communications
    -  Media & Social Media
  Employee Preparedness
     
    EXPERTISE
  Audit Assurance Risk
  Aviation Security
  Biological Threats
  Catastrophic Risk
  CBRNE
  Chemical Threats
  Continuity Planning
  Criminal Justice
  Cyber Security
  Defence & Policing
  Disasters
  Education & Training
  Emergency Services
  Explosives
  Financial Threats
  Insurance
  London in 2012 Security
  Nuclear
  Radiological & Dirty Bombs
  Reputation Risk Management
  Risk Management
  Terrorism & Security
  Transportation Security
     
     

 

Catastrophic Cyber Risks: Press Briefing Notes

Science Media Centre, London in April 2013

by Dr Sally Leivesley
Managing Director, Newrisk Limited (www.newrisk.com)
Advisor on catastrophic risk to companies and governments
Member of the Register of Security Engineers and Specialists, ICE

Catastrophic Cyber Risks:
Conflicts, crime and mischief are increasingly being played out in cyber space. There are inherent risks both through the growth in interconnectedness and to the controls of systems that store, transfer and develop knowledge through networks of electronic, computer-based and wireless systems.  Most significantly there are vulnerabilities within the language of security (encryption). A foreseeable end game is being played by nation states, organised groups and asymmetric non state entities to breach encryption and this will open systems to manipulation, interrogation and control. 


Solutions:

  1. International governance in the near term would be possible if an institution such as CERN, which was granted observer status to the UN General Assembly in 2012, had a role equivalent to the one played by the International Atomic Energy Agency in nuclear monitoring and global nuclear safety standards.  This would help to establish agreements for e-border management, international standards and oversight and there could be a National Security Council response if the security of states was threatened through cyber space.
  2. A fast track reduction of systemic risk would also be assisted by the formation of an international strategic scientific ‘cyber-hub’ populated by scientists from within national space agencies and academic institutions along with operational scientists from critical national infrastructure industry sectors. A joined-up virtual scientific hub can pool capacity and deliver fast-track systemic risk reduction through innovative strategic solutions, especially conceptual work on stabilisation for when systems become unreliable through any causal pathway.  Research off-line as well as a real-time accessibility for nations to a scientific cyber-hub could accelerate solutions and balance the risk of systems failures in a world that is becoming increasingly dependent on operating in cyber space.
  3. In the long term, a ‘post-encryption society’ is required to compensate for breaches in encryption. This is a challenge for long term academic research into novel systems for security and for a secure means of transmission that would generate stability for systems linked to cyber space. It would also provide the public with communications and personal data that could remain private. The utility of the current system would remain but as a legacy system for non-critical structures, data and communications traffic. 


Footnotes for Clarification:

 

Sally Leivesley


       DR SALLY LEIVESLEY




          BREAKING NEWS

  • TEG7
  • Cyber Threats
In response to the Paris & Brussels attacks, Newrisk Ltd has become part of The Exercise Group7. The TEG7 LLP is a dynamic team drawn from cyber & former special defence fields to exercise organisations & governments on emerging terror threats.  The TEG7 profile can be seen at www.teg7.co.uk.  The level of casualties from shooting attacks (as with the Bataclan (France) in 2015; Brussels airport (Belgium), Ataturk airport (Turkey), Nice beach (France) & Berlin Christmas Market (Germany) in 2016; & La Reina Nightclub (Turkey) in 2017) are the result of military style incursions by terrorists determined to maximise casualties.  Home grown terror threats are increasing in many countries - the New York & New Jersey bombs found in 2016 & the numerous disrupted plots in the UK, Germany & France - indicate serious changes in terror capability which may be made more dynamic as ISIS fighters return to their home countries.

Cyber threats are changing from loss of data & privacy to loss of control of business systems & more seriously reconnaissance attacks on critical infrastructure including energy grids.  The fragility of highly connected systems will become more serious in 2017 with open system dependencies (driven by business innovation).   Degraded capacity operations will become essential if persistent attacks affect critical infrastructure.  Exploiting cyber weaknesses are (i) criminals with ransomware & (ii) nation states aiming to disrupt, deter or signal capability against target countries.  The Ukraine power attacks remain a lesson for critical infrastructure losses.  Aviation remains the industry ‘canary’ for cyber failures & cyber forensics must evolve to close open investigations (as in the case of MH370).