Recruiting a Context-Aware Cyber Army

Recent news that the UK government is looking to train army reserves to become cyber defence specialists is understandable. Facts and figures paint a worrying picture for the government about the impact cyber-attacks are having. One such study claimed cyber-attacks hit government departments around 1,000 times per hour, while another said they cost the UK £27 billion each year.

Prime Minister David Cameron and other members of the government have spoken about the importance of improving the nation’s cyber defences. Foreign Secretary William Hague described it as one of the “great challenges of our time” and one which the UK must confront. Adding cyber skills to the military reservists seems like a good idea. The announcement about the move said reservists will be offered “enhanced training” to counter emerging cyber threats and reflects the growing need to prepare our defences for both the online and offline threats of the modern world.

It’s certainly great news for the security community that the MoD has recognised the increasing cyber threat and is actively investing in its capabilities in this field and it should be viewed as such by UK citizens. With the Territorial Army (TA) announcing that its new recruits will be "supporting traditional military operations with coordinated cyber operations in a new era of war fighting", including both attacking the computer systems used by the enemy, as well as defending the systems used by the British army, this is a positive step in improving defences and a lead that businesses should take note of as well. By adding cyber specialists to their IT teams, businesses can improve their defences, helping them stop the types of attacks that can cause so much damage, both financially and in terms of reputation.

There is one aspect of the training that would give businesses an even bigger helping hand: using context. It’s all very well knowing what the security threat is, but by adding context businesses can know so much more. Which application is the threat coming from? Where is it going? Which users? What sort of content is the threat being transmitted with? What is its deployment environment? With each threat potentially targeting a different industry sector, business or even data within a business, it’s hard to know where to start with putting up defences. However, by understanding the context of where data is coming from and what it is looking for, alongside information such as the location and type of device being used can, helps to give businesses a full picture of the threats it is facing.

With all this additional context a business can know where the weakness lies in its security infrastructure too. Linking together all the information that is flowing across the network and data centre is the best way to fully understand what threats a business is facing and how to deal with them. Adding context to your security infrastructure not only ensures your business remains protected from ever-changing threats, but also ensures that genuine traffic gets through. This means workers can use the applications they need to without fear of disruption

The latest threat that I’m seeing now is a step on from this – the context-aware hacker. With businesses increasingly waking up to the cyber threat and putting defences in place which shut down access to unauthenticated users, hackers are now looking at ways in which to adapt attacks in order to make them more powerful. It’s no longer a case that a password is enough to protect a business and its data – instead enterprises need to look at how to protect themselves once a hacker disguised as an authenticated user enters the network.

Much like the cyber story has been so far, the latest developments require businesses to react to new threats. If hackers are aware of how context is working against them and trying to find ways to shift and adapt during a targeted attack, then we as cyber experts and the businesses we work with need to be able to shift our defences to meet them. The challenge is finding people with the right skill sets to meet these new forms of attack and the incentives to join this type of career need to reflect the responsibility and importance that cyber roles have now taken on.

Recruiting a cyber-army as part of the British defences should absolutely be a priority for the UK government and I fully support their focus in this area. It’s not just down to the government and the army to protect the nation, though. Businesses have a responsibility to drive an understanding of security procedures and regular reviews of their systems in order to ensure their data is safe. Unless we all work together on this, the gaps in our armour could well be our downfall.


Joakim Sundberg is Worldwide Security Solution Architect at F5


« Mentoring: A Key Component to Avoiding an IT Skills Gap


DRC: Demystifying the Conflict Minerals - The 3Ts and Gold Mystery »
Joakim Sundberg

Joakim Sundberg is Worldwide Security Solution Architect at F5

  • Mail


Do you think your smartphone is making you a workaholic?