Digital Statecraft, Digital Streetcraft

This discussion draws from Michael Daly’s work in intelligence to first define the supply chain and contextualize its importance; and secondly, to offer strategies for fortifying defenses against malicious attacks on the software it utilizes. Additionally, Michael stresses just how complex the supply chain has grown in the last decade alone. Add increasingly complex software to the mix (requiring millions of lines of code for even the simplest devices) and you’re looking at a pressing supply chain security problem. Host Trey Herr and guest Michael Daly discuss the following facets of supply chain software and more: Cryptographic hashing to legitimize code integrity. How to use ‘whitelisting’ to avoid potential malware trouble. The rise of cyber insurance and security services to combat threats. Why software and the supply chain is much more vulnerable now. ----- Key Links   Mitre ATT&CK Webpage    ----- Follow us on Linkedin Support the show on Patreon ----- Digital Statecraft, Digital Streetcraft is

In this episode of Digital Statecraft, Digital Streetcraft, we are joined by Dr. Trey Herr, Director of the Atlantic Council’s Cyber Statecraft Initiative; Mariah Kenny, a recent Graduate from the University of Virginia and NCCDC UVA team captain; and Caroline Linkous, freshman and Echols Scholar at the University of Virginia. Together they discuss the importance of training and educating the next generation of cyber defenders in order to remain at the forefront of the cybersecurity field. ----- Key Links https://www.nationalccdc.org/ https://www.atlanticcouncil.org/cyber912

Supply chain attacks have caused some of the most damaging cyber incidents in history, including the 2017 NotPetya malware incident, and they are on the rise. The proliferation of internet-connected devices and the increased reliance of foreign manufacturing increases the attack surface for organizations and makes maintaining visibility into an entire supply chain challenging. The Atlantic Council and Raytheon facilitate a dynamic and solution-oriented discussion on mitigating supply chain risks in an increasingly-connected world. -----Key Links NotPetya

Early 2019 saw the biggest inflection point in US cyber strategy since 1998, with the White House, Department of Defense, and Cyber Command all publicizing new strategies. These new strategies adhering to persistent engagement will have second and third-order effects in the interconnected cyber world. The Atlantic Council and Raytheon facilitate a discussion covering whether these new strategies are the right strategies and how the US can make them work. -----Key Links Joint Force Quarterly, Issue 92, 1st Quarter 2019 National Cyber Strategy DOD Cyber Strategy Blogpost

Humans are on the front lines of cybersecurity. As companies grow weary of disappointing “silver bullet” technical cybersecurity solutions, they need to turn to their workforce and the cyber community. Employees are more than just a weakness in the cyber perimeter; they can also be a valuable resource once equipped and educated. Employers should also be open to potential security professionals with unconventional backgrounds who can provide invaluable non-technical perspectives. -----Key Links Atlantic Council Cyber 9/12 Page Sean Berg Blog Post ---- Produced by Simpler Media

The security of US critical infrastructure is vital to the nation’s security, prosperity, and well-being. We live in an era of constant advances in the sophistication of attack technology and the emergence of more destructive attacks and bolder nation-state actions, resulting in unprecedented access to power grid operations. Despite renewed concerns about the threat and the risks associated with potential disruptions, threats clearly outpace our ability to secure the infrastructure. More details at: https://www.atlanticcouncil.org/blogs/new-atlanticist/our-critical-infrastructure-is-more-vulnerable-than-ever-here-s-what-we-can-do-about-it Follow us on Twitter!