Enabling Distributed Security in Cyberspace
Like natural ecosystems, the cyber ecosystem comprises a variety of diverse participants — private firms, non-profits, governments, individuals, processes, and cyber devices (computers, software, and communications technologies) — that interact for multiple purposes. Today in cyberspace, intelligent adversaries exploit vulnerabilities and create incidents that propagate at machine speeds to steal identities, resources, and advantage. The rising volume and virulence of these attacks have the potential to degrade our economic capacity and threaten basic services that underpin our modern way of life.
This discussion paper explores the idea of a healthy, resilient — and fundamentally more secure — cyber ecosystem of the future, in which cyber participants, including cyber devices, are able to work together in near-real time to anticipate and prevent cyber attacks, limit the spread of attacks across participating devices, minimize the consequences of attacks, and recover to a trusted state. In this future cyber ecosystem, security capabilities are built into cyber devices in a way that allows preventive and defensive courses of action to be coordinated within and among communities of devices. Power is distributed among participants, and near-real time coordination is enabled by combining the innate and interoperable capabilities of individual devices with trusted information exchanges and shared, configurable policies.
The paper concludes with a brief discussion of incentives and recommendations for the way ahead. It posits that the slow adoption of available best practices and technologies in the face of increasing cyber attacks indicates an imbalance of incentives and proposes that better and more widely disseminated aggregated and anonymized information about the frequency and actual harm of cyber attacks is needed. Despite the many open questions remaining, the field is ripe for planning and action. Feedback on this paper and comment on all aspects of the problem are welcome at cyberfeedback@dhs.gov.