Story image

Waikato Uni researcher travels to NATO's cybersecurity hub

10 May 18

University of Waikato senior lecturer Dr Joe Burton has now only published a new book about NATO this year, he also flew to Estonia to get a first-hand look at NATO’s Cooperative Cyber Defence Centre of Excellence (CCDCOE).

The CCDCOE, located in Tallinn, is funded by NATO nations and focuses on cyber technology, law, strategy, training, and education.

Burton spent several months at the CoE at the end of last year, where he posed the question: ‘how do you deter cyber attacks in an increasingly complex world?’

His research explored this topic as well as action with norms, laws, and resilience.

“I saw a little bit of my role in doing this research as challenging some of the assumptions people have about cyber security. Militaries can be very closed bubbles, so that’s why I think having a centre for research excellence is a good thing, so they have academics come in to offer different perspectives on security,” Burton says.

Burton’s report will also be distributed to staff at NATO’s Brussels headquarters.

 “It’s good for Waikato, and developing New Zealand’s links with a significant international organisation. It may also lead to further opportunities including for some of our students, and other academics to go over and work with them.”

Dr Joe Burton

He says countries may have to use offensive cyber attack strategies to respond to severe, strategic cyber attacks, but those offensive capabilities should only be used ‘under exceptional circumstances’.

He notes that cyber attacks could include targeting critical infrastructure such as power grids, nuclear facilities, or even causing loss of life.

“Our response to deterring cyber attacks is often caught up in a military mindset. You can’t just deter a cyber-attack by threatening to launch a missile at someone,” Burton says.

“You need to deter through international and domestic laws, norms and cyber resilience, which means having the ability to get computer systems and the societal services they provide back up and running in the event of an attack.”

Burton also believes people need to think about civil and criminal responses.

“You have to move away from thinking you can have a militaristic response, or retaliate against a cyber attack with another cyber attack. That just opens a Pandora’s Box, and perpetuates the cycle of disruptive and damaging activity that no-one wants to see.”

Most attacks don’t reach such a high level of severity, but even general cybercrime could end up being a $6 trillion black market by 2025.

On top of that, recent scandals include the Cambridge Analytica saga and its role in the Trump administration, as well as Brexit.

Burton says it demonstrates how cybersecurity is now militarised, while data and social media are now ‘weaponised’.

“Look at Cambridge Analytica, and Mark Zuckerberg being called to testify in the US. It was the Facebook platform that was manipulated to spread Russian propaganda, so how are you going to deter that kind of activity?”

“How are you going to deter countries from weaponising information on Facebook? You’re not going to do that by having a military approach, you're going to do that by having Zuckerberg sitting in front of Congress and putting pressure on him to regulate the activity so that the Russian state can’t buy US election advertising.”

Dr Burton’s new book, ‘NATO’s Durability in a Post Cold War World’ was published in March 2018 by SUNY Press, New York.

JASK prepares for global rollout of their AI-powered ASOC platform
The JASK ASOC platform automates alert investigations, supposedly freeing the SOC analyst to do what machines can’t. 
Pitfalls to avoid when configuring cloud firewalls
Flexibility and granularity of security controls is good but can still represent a risk for new cloud adopters that don’t recognise some of the configuration pitfalls.
CERT NZ highlights rise of unauthorised access incidents
“In one case, the attacker gained access and tracked the business’s emails for at least six months. They gathered extensive knowledge of the business’s billing cycles."
Report finds GCSB in compliance with NZ rights
The Inspector-General has given the GCSB its compliance tick of approval for the fourth year in a row.
Securing hotel technology to protect customer information
Network security risks increase exponentially as hotels look to incorporate newer technologies to support a range of IoT devices, including smart door locks.
Why total visibility is the key to zero trust
Over time, the basic zero trust model has evolved and matured into what Forrester calls the Zero Trust eXtended (ZTX) Ecosystem.
Gartner names Proofpoint Leader in enterprise information archiving
The report provides a detailed overview of the enterprise information archiving market and evaluates vendors based on completeness of vision and ability to execute.
WatchGuard appoints new channel distributors in A/NZ
The appointments will enable WatchGuard to expand its regional channel reseller footprint.