As a young Air Force officer, I found myself in many situations explaining the capabilities required to operate and defend networks. Generals routinely asked about capabilities – we wrote concepts of operations and doctrine to explain the capabilities and proper ways to employ them for operating and protecting what is now discussed as cyber – modern cybersecurity. Today, after over 20 years of military and commercial experience, cyber continues to become more intelligent, and I still find myself explaining capabilities required to operate and defend cyber.
While our world continues to evolve, operating and protecting cyber will go through transformational pivots. If we allow ourselves to speculate on what the year 2035 might look like, we’ll recognize results of these pivots. In 2035, artificially intelligent (AI) cars will be standard in a global environment that requires granular control and balance to protect lives. Cyber leaders will be educated on cyber technology and capabilities required to both operate and defend the environment.
As cyber leaders, they will have a commanding grasp of some guiding principles, including:
- While technologies change “Moore” fast over time, capabilities stay more consistent.
- Building to well-defined capabilities allows you to create cohesive, agile and flexible approaches for knowing/visualizing an environment, controlling users/things and reducing risks.
- The capabilities to operate and defend cyber are essentially the same – separating them makes operations and defense teams less cohesive, less agile and less flexible while creating dangerous blind spots.
- Readiness based on capabilities is powerful when personnel skill sets tie directly to capabilities, since you gain personnel force efficiency and global reach with extensible capabilities.
The more I think about protecting AI cars, the more I like cyber leaders of the future. They're going to listen to people who are bold about the capabilities required to operate and defend networks and realize when status-quo technologies need to go the way of the extinct TRS-80.
The leaders protecting AI cars will quickly realize that making strategic decisions on compliance regulations – many of them dictated by bureaucratic legacy organizations that are pushing paper when they should be innovating – fails to reduce risk or provide security. Those leaders will grade organizational readiness on a daily, hourly, minute or second basis using capabilities required to operate and defend networks irrespective of the technology trends of the day. They will utilize cohesion, agility and flexibility in ways that make geographic location irrelevant when a cyber event or alert happens. They will be students of technology and leadership to employ the following capabilities in some form to operate and defend the AI cars: (no priority order here)
- Command and Control: Provides mechanisms to task appropriate entities along with the ability to track status of tasked operations through to completion.
- Situational Awareness: Provides status on current health, operations, intelligence, threat and other information deemed critical to leaders and operational personnel. Includes customized views based on the needs of organization entities.
- Visibility: Provides direct access to previous and current state information for all things such as network traffic, network devices, endpoint devices, smart devices, operating systems, users, applications and AI cars.
- Attack/Event Identification and Triage: Identifies events, incidents, threats and anomalies in a manner that inherently triages and categorizes activities based on their impact to human life and the environment.
- Configuration Control and Governance Monitoring: Automates compliance, governance, health and management through constant interaction and polling of all things, devices and systems.
- Collaboration: Real-time interaction and communications to create a synchronized environment. Allows distributed and consolidated operators to communicate and interact effectively as required depending on the circumstances of events.
- Continuity of Operations: Ability to provide complete and robust services, operations and defense at all times while continuously maintaining necessary functions, tasks or duties.
- Active Isolation: Provides automated and manual actions to defend against malicious, unintended and unwanted activities on the enterprise.
- Hunting: Identifies anomalies that indicate malicious, suspicious and unwanted activities. Enables defense personnel to perform general and surgical activities during patrol operations.
- Threat Intelligence and Indicator Management: Provides access to all-source intelligence from unclassified and classified sources. Provides the ability to document and analyze threats as part of trending, hunting, and tracking attack campaigns to fuse actionable intelligence and indicators directly with cyber systems.
- Critical Information Identification and Tracking: Provides automated and manual means to identify and track the movement of critical information to ensure integrity and proper use.
One day I hope to ride with my family in an AI car knowing that an outstanding cyber leader understands what's at stake and uses capabilities to the fullest extent possible when keeping us safe.
We all have to think differently, and that can’t wait. Palo Alto Networks is delivering transformational pivots today through our purpose-built Enterprise Security Platform. Our platform reduces dangerous blind spots because it extends protection and provides visibility across all network traffic, cloud infrastructure, endpoints and mobile devices.
There is a reason we are the fastest growing cybersecurity company in history and up for the challenge of protecting future AI cars. We succeeded in a vision to create an integrated platform that provides unmatched security. Don’t miss out on an opportunity to change the status quo and modernize the way you protect your premises, cloud and mobile environment. Spend time with our experts and learn how to gain flexibility for business line support without compromising security or risk. Your entire organization as well as your IT operations and security professionals will be glad you did.