General Keith Alexander discusses how transatlantic alliance is crucial in an era of cyberwarefare
“We have a duty to protect the internet, so invest in cybersecurity to safeguard our digital world”
It is our sincere pleasure to kick off our second year of the Shield in the Cloud program by sharing with you our whitepaper.
The whitepaper is a summary of the discussions, leading thinking and impactful innovations that all formed part of our inaugural Shield in the Cloud program, In partnership with AWS, PeaceTech Lab and SAP NS2, the program uncovered, highlighted and supported ways in which technology was driving a change in critical thinking on how to tackle corruption, a core destabilizing factor in the peace of every nation. Innovation promoting transparency, accountability and compliance is visible within startup communities, non-profit organizations, large corporations and even Governments. We are proud that our annual Shield in the Cloud program stimulates the type of collaborative thinking needed to bring about change.
We are now open for applications for this year’s program so please forward on to anyone you feel would be interested in being part of this movement.
We hope you enjoy reading it.
Infographic by Varonis.
C5 has further expanded its US operations, with the hire of Tami Longaberger as Head of Partnerships, US.
Longaberger will also join the Board of C5’s Cloud Leadership Centre (CLC), C5’s non-profit organisation that supports thought leadership and philanthropic investments in the area of education, conflict resolution, conservation and veterans’ welfare.
C5 Founder, Andre Pienaar says: “C5 is investing to support the growth of our portfolio companies in the US market by appointing Tami Longaberger as Head of Partnerships for the US. Tami will lead our strategic partnership to create new growth opportunities for our portfolio companies across all our investment funds.”
Longaberger was formerly the CEO and Chair of the Board of her family business, The Longaberger Company. The private company, started by her father in 1973, grew to over USD1 Billion in annual revenues at its peak. She sold the company in 2013. She currently serves as the Director of the Longaberger Family Foundation.
She has been deeply involved in international issues; in 2003 she was appointed by President George W Bush as a US Delegate to the Human Rights Commission, and from 2005-2008 served as Chair of the National Women’s Business Council and the Board of Woodrow Wilson International Center for Scholars. She currently serves on the International Republican Institute Board of Directors, a Washington, DC based organization dedicated to advancing democracy worldwide.
Longaberger says: “It is a privilege to join the very talented and growing team of C5. The passion the entire team has for innovative technologies, with transformational purpose to support and protect our national security interests, is creating a new definition of Social Impact Investing and an opportunity for our investors.”
The push to allow Cyber Command to go on the offensive is welcomed by former chair of the Joint Chiefs of Staff Adm. Mike Mullen, adding that nation-states that have targeted the U.S. need to pay a “fairly significant price” for their actions.
“I’ve thought for some time we were going to have to go on offense,” Mullen told CyberScoop. “Our training says until the enemy starts to pay a price, it pretty much has an open runway. I think that line has to be drawn, and we have to respond, and they need to pay a fairly significant price for what they’re doing.”
Mullen said he is comfortable with U.S. Cyber Command taking on these offensive measures as part of its rise to a unified combatant command. The unit was officially given that distinction in May.
His comments come as he assumes the chair position at the newly formed ITC Global Advisors, the newly formed cybersecurity advisory wing of ITC Secure.
During the interview, Mullen touched upon allowing private entities to hack back, the ZTE controversy, and how the DOD should embrace cloud computing.
The interview has been lightly edited for length and clarity.
CyberScoop: There’s been a lot of talk around Washington regarding the notion that private entities should be able to hack back if they’ve been attacked. Do you think the government should give companies the ability to hack back and go on the offensive?
Adm. Mike Mullen: I don’t how we comes to grips with the threat unless the private and government sectors are working together. There are major companies that do not want to share anything with the government. This is a very difficult time in terms of data, in loss of tools, that kind of thing. And look at the private side, the CEOs that have been marched out of their jobs due to lack of cyber capabilities. There’s great tension between security and privacy. How we come to grips with that…I don’t think that’s out there yet.
So to specifically answer your question, I haven’t seen a path where I could authorize a company, say, Sony Pictures, to respond to the North Korean government. So what about responding to criminal hackers? There is a heated debate about that, about what we should authorize, and what’s okay. That’s an open question. I don’t think there is much wisdom in letting private entities respond offensively to state-sponsored cyber intrusions.
CyberScoop: Another part of the conversation around offensive capabilities stems from the White House pushing Cyber Command to be more offensive. With the recent elevation to its own combatant command, is the offensive push a smart strategy for how to utilize that force?
Adm. Mike Mullen: The elevation was inevitable. It was going to have to become its own four-star command. I think in a case like Sony, Cyber Command would be the one to respond. I’ve thought for some time we were going to have to go on offense. Our training says until the enemy starts to pay a price, it pretty much has an open runway. I think that line has to be drawn, and we have to respond, and they need to pay a fairly significant price for what they’re doing. I would be very much for legal, regulated application of offensive capabilities.
CyberScoop: Speaking of threat actors, I would like to get your thoughts on the ongoing struggles with ZTE. China has long been considered our adversary in cyberspace, and over the past 18 months, the government has really started to tighten up with regards to what companies they want operating in the U.S. Do you think the government is handling the ZTE case well or would you go about it in a different manner?
Adm. Mike Mullen: I think those cases are indicative of the challenges we have down the road, in particular with China. I, along with many, am confused about ZTE. They’re a company that has been sanctioned twice now for giving away U.S. technology to China, a country that in many ways is a potential enemy until proven otherwise. So, I think giving our technology away needs to stop.
We’ve worked a long time to keep Huawei out of the U.S., and I strongly concur with those actions. So then I get confused about what’s the difference between Huawei and ZTE, and I haven’t seen much, other than they’re two different companies.
The bigger question is what we are going to do, long term. How does this fit in to our relationship with China, particularly when you talk about how intertwined our economies are, the whole issue with the trade war, and what are we going to do about technology? How do we stay competitive in the future and how do we see us against this China 2025 program? There’s a lot there.
CyberScoop: I would love to get your thoughts on the DOD’s need to move to cloud. The JEDI contract seems to be positioned more for commercial cloud rather than hybrid or on-premises cloud environments. What’s your perspective on what DOD needs in terms of modernizing its it infrastructure? Is commercial cloud the right fit?
Adm. Mike Mullen: We should be in the cloud. I don’t think there’s any question about that. I would be very comfortable saying that DOD is spending a ton of money and moving to the cloud could save a ridiculous amount of money. But getting there, particularly when we build systems the way we have in DOD, where everybody builds their own cloud, I know enough about those complexities and trying to get them in one solution. It’s enormously challenging.
CyberScoop: So how should DOD balance the different factors? There’s this need for the DOD and the military branches to stay innovative and competitive with adversaries. What do you think DOD needs to do to position itself in terms of whether it relies on commercial cloud or on-premise vendors?
Adm. Mike Mullen: I’ve been through a couple cloud drills, specifically with respect to security. If cloud providers can’t provide security for even unclassified information, they are not going to be around long. So they’ve invested an enormous amount to keep data secure. I think anyone who is going to make the decision to guard data should make that investment.
I do think the various levels of classification, we have to figure out what the crown jewels are and make sure that literally nobody has a chance at those. However, I do think there is a substantial opportunity well outside the “crown jewel” space. You can go into the commercial cloud and be secure. I mean, when the CIA puts a significant amount of its life in the cloud…it’s worked pretty well. However, that doesn’t mean that everybody should use the exact same model.
Billy Mitchell contributed to this report.
This is the legacy of the 6th Duke of Westminster who served throughout his life in the British Army.
It is the single biggest charitable gift to the British nation and our allies.
Read the full article in the Financial Times
When I started work on cybersecurity, less than 2 percent of the world’s population had access to the internet. Today more than 3,6bn people and 6bn devices are connected to the same infrastructure.
This digital world is the first man made global commons.