It’s no coincidence that cybersecurity experts discuss cyber threats in terms that mirror those used by people who fight infectious diseases.
As the coronavirus pandemic continues to make networks and connectivity more critical to more people, it’s worth looking at lessons that are transferable between these two fields.
Be prepared. Military campaigns, cyber threats, and pandemics share a critical common set of elements. They are made up of known knowns, known unknowns and unknown unknowns. And as U.S. Secretary of Defense Donald Rumsfeld said during a news briefing in 2002, the unknown unknowns tend to be “the difficult ones.” Whether fighting pandemics or cyber threats, preparedness to deal with all three elements is essential.
Effective military, cybersecurity, and pandemic response strategies share a critical common goal. They all seek to address all three elements of their respective threats effectively. This means, of course, that strategists must immediately prepare for one known known — that they will fail to meet that goal. This, in turn, immediately raises the first unknown unknown — when, how, and how often such failures will occur.
News reports about the pandemic and responses to it, like those about high-profile cyber breaches, often detail gaps and lapses in the respective strategies. But at least some such shortcomings are inevitable and unavoidable. The challenges are large, multifaceted and constantly evolving. And the challenges can be magnified by inadequate, slow-to-arrive, or non-existent resources, for whatever reason.
Cybersecurity experts, like medical experts, must strive to build and sustain the most effective, robust defenses possible. Those experts must also expect those defenses to fail occasionally, and be prepared to do everything possible to minimize the damage and recover as fully and quickly as possible.
In both cybersecurity and pandemic response, these goals require preparedness, in the form of tools and processes that use past experiences to anticipate threats and mitigate risks.
Be proactive. Effective cybersecurity and pandemic response strategies share another critical common element. They focus less on reactive defenses, and more on proactive risk management and mitigation. Neither cybersecurity nor pandemic response experts can get very far with reactive defenses alone.
Antivirus software alone is not an effective cybersecurity strategy. Nor are emergency rooms alone an effective pandemic response strategy. True preparedness requires a combination of reactive and proactive solutions that minimize both threats and vulnerabilities, whether you’re looking at safeguarding your company’s data or protecting people’s lives.
At a minimum, those solutions should intelligently monitor all relevant activities in an environment and alert appropriate responders to anomalous events.
Don’t go it alone. Understand that protection is a shared responsibility in which everyone has a role to play. This is just as true for cybersecurity as it is for effective response to pandemics and other threats to public health.
In cybersecurity, equipment vendors and software and service providers must deliver secure offerings, but it’s just as important that users practice effective cyber hygiene. All it takes is one employee to click on a malicious link to put a company’s data in jeopardy.
In pandemic response and management, it’s important to educate the public about ways to prevent the spread of a virus through hand washing, social distancing and sheltering in place. At the same time, governments and other organizations have the responsibility to coordinate programs for testing, contact tracing and other initiatives to maximize the stalwart efforts of first responders and healthcare providers.
In cybersecurity, industry standards and best practices — together with conformance programs and independent testing — provide a robust foundation for effective protection when consistently applied and enforced. Rigorous testing and third-party validation throughout the development and deployment of all connected products and services help to ensure consistent compliance.
The fundamentals of effective cybersecurity are as basic as “ABC” – assume nothing, believe no one, and confirm everything. Technology decision-makers, vendors, standards bodies, research institutions, and regulators must collaborate to achieve and maintain effective “zero-trust” cybersecurity policies and practices, based on credible, verifiable facts.
Differences in cultures, customs, and laws make globally consistent standards and practices challenging where pandemic response is concerned. Political leaders and medical decision-makers must work with experts in epidemiology, quarantine management, diagnosis, testing, and cultural sensitivity to ensure the optimum balance of robust response and respect for citizens’ rights.
For example, the willingness to sacrifice personal privacy and civil liberties to enable more effective tracking and tracing of infection patterns likely varies widely from country to country.
It’s a marathon, not a sprint. There are often times when specific, tactical actions are necessary. However, every one of these must be part of a larger strategy. That strategy must be informed by lessons learned from past experiences and formulated to improve the prediction of, preparation for, response to, and recovery from future similar threats and challenges.
Otherwise it will never be possible to move from being reactive to being proactive. It is absolutely critical to avoid the “one and done” mentality when addressing cybersecurity infrastructure or pandemic response.
In both cybersecurity and pandemic management, it is critical to realize that total prevention will never happen, but adequate preparation is both possible and essential. That preparation should focus on two goals.
One is to contain and defeat those threats that can be contained and defeated. The other is to limit the effects of, and the recovery times made necessary by, those threats that get through available defenses. This combination of goals focuses less on prevention and more on creating and operating a system that is as prepared, protected, and resilient as possible, even as threats evolve.
There are of course vast differences between cybersecurity and pandemic threats.
However, both provide useful lessons to improve preparedness and make all of us more resistant and resilient in response to both.