The defence cyber threat landscape in 2020

By Robert Gordon & Martyn Bull

Cyber is recognised as a key NATO defence domain, along with land, air and sea. This is because of the devastating impacts unauthorised access to defence systems and critical national infrastructure can have.

However, the cyber threat landscape facing governments and global defence organisations is always changing and hugely complex. Therefore, to effectively protect sensitive information and critical systems, sophisticated mitigation strategies are required.

What does cybersecurity mean in a defence context?

Cyber attacks compromise missions and reduce the ability of a military force to function effectively. Cybersecurity in defence, therefore, is the act of defending systems networks against hostile actors with these motivations. Malware and phishing attacks which exploit vulnerabilities on unpatched computers are often the cause of data breaches.

What are the different types of cyber threats facing defence?

Cyber threats are posed by hostile actors with a range of motivations and capabilities. These groups, or Advanced Persistent Threats (APTs), range from individuals and terrorist groups to nation states. Hostile actors can work in isolation or as part of a wider campaign to supplement physical attacks.

What are the defence-related impacts of cyber attacks?

The capabilities of attackers and the strategic significance of the networks under threat frame the impacts of cyber attacks. Depending on these factors, everything from human lives to the democratic future of nation states can be put at risk. Common attacks include:

  •   Disabling key systems and communications links
  •   Manipulating industrial control systems to cause physical damage
  •   Exfiltrating sensitive data

What are the challenges facing cybersecurity in defence?

Adapting to emerging cyber threats is the biggest cybersecurity challenge facing defence. To achieve this, cyber threat prediction and cyber attack mitigation strategies must be robust and multifaceted.

CYBER THREAT MITIGATION TACTICS FOR DEFENCE

Of course, cyber vulnerability assessments remain crucial to identifying, analysing and prioritising threats facing defence networks and computers. However, they should not be used in isolation. That’s because they don’t allow decision makers to prioritise threat mitigations in multi-stage cyber attacks.

By contrast, cyber threat prediction and modelling software allows analysts to be more proactive. This layers on top of traditional cyber vulnerability assessment and fuses threat intelligence feeds to power advanced analytics.

As a result, cyber protection teams can identify viable attack paths to critical systems ahead of time. Next, they can select from recommended mitigations to defend against the threat.

Cyber threat prediction and modelling software also provides real-time, actionable information through interactive visualisations. This provides commanders with enhanced cyber situational awareness, helping them reduce their network attack surface. They can also understand technical impacts in the context of the mission to prioritise responses.

What is the future of cybersecurity for defence?

Automation is seen as key to cyber threat mitigation in defence. By harnessing advanced analytics, threats to network security will be identified sooner. This will allow cyber protection teams to act faster and better protect sensitive systems and information.

Visual analytics is also becoming more sophisticated. This helps defence analysts interact with complex intelligence more effectively and action it more quickly.

What is Riskaware’s role in mitigating cyber threats to defence?

Riskaware’s cybersecurity threat prediction and attack modelling suite, CyberAware, has been developed over many years alongside leading government and industry partners.

Building on Riskaware’s extensive research into attack simulation and industrial process resilience, CyberAware helps commanders maintain mission performance. Meanwhile, interactive visual analytics helps cyber protection teams to mitigate ongoing and future attacks.

To learn more about CyberAware, read our in-depth product sheet.

Get In Touch

Are you looking for more information about Riskaware, our products or services?

Get in contact with us by filling out the form or call the office on +44 (0) 117 929 1058 and a member of our team would be happy to help.