Author: Alessandra Scicchitano (GÉANT)
Wikipedia says that in 1993 the internet was used to communicate only 1% of information, compared to traditional media. ‘Cybersecurity’ maybe wasn’t even a word back then simply because there was no need for it. This would explain why when I was at Engineering school I never had a security lecture. Perhaps I shouldn’t write that. It sort of makes me feel old. But the truth is that the world of internet and security changes fast. Faster than normal.
It reminds me of a scene in a Superman movie where Superman uses all his strength to make the earth spin faster and, in a few seconds, already be in the future. It makes me look around and wonder where Superman is hiding in the technology world! Because today in 2016 the world wide web not only looks very different and is used for almost everything we do, but it is also hard to imagine how life could be without it. And so it is too for cybersecurity, which is not only a very well known word and concept, but above all a very important one, because the internet that we now use for more than 97% of our work and daily communication is full of dangerous tricks and risks.
While searching for inspiration for this blog I found a cyber threat map on the FireEye website, which gives a clear idea of how often cyber attacks happen. And they happen from everywhere to everywhere! Because the beauty of the internet is that it doesn’t have geographic limitations. Something that hackers also appreciate very much.
Important international projects have more and more successfully appeared in recent years, introducing one more layer of complication: distribution. Data is now distributed and replicated all over the world, hosted by different e-infrastructures. It is increasingly difficult to keep track of how and by whom the data is accessed and used.
But distribution of data is only one of the many aspects that can be exploited by cyber attackers. The human factor is another. There are many examples in recent history of human attitude and behaviour making a system weaker and more exposed. Like downloading an insecure file that opens the door to a possible ransomware attack. The word ‘ransomware’ did not exist 10 years ago and now it is one of the biggest threats in 2016. Once hackers hold data or a system hostage, there is little that can be done. Even the FBI suggests paying up!
At the same time, collaboration and exchange of knowledge is also the strongest tool to prevent and fight cybercrime and, as proof of that, there are many groups that promote successful collaborations. In the NREN community a well-known example of such a group is TF-CSIRT, where many security experts get together to exchange experience and learn from each other. In the past years TF-CSIRT has grown extensively, showing that bringing people together with a common interest is indeed one of the most powerful and effective ways to reinforce defences against cybercrime.
And this is what we do too in WISE, which stands for Wise Information Security for collaborating E-infrastructures. WISE is building a global trust community where security experts from various e-infrastructures and projects come together to share information and create collaboration.
Having been founded in 2015 by members of the GÉANT group SIG-ISM (Special Interest Group on Information Security Management) and of SCI, the ‘Security for Collaboration among Infrastructures’ group of staff from several large-scale distributed computing infrastructures, and with participants from e-infrastructures such as EUDAT, PRACE, XSEDE, NRENs and more, WISE focuses on standards, guidelines and practices, and promotes the protection of critical infrastructure.
This very young community meets at annual meetings organised around the world and collaborates within working groups that focus on topics such as risk assessment and training. Everyone interested in these topics is invited to become part of our community and participate in our activities. This year one of the meetings will be a BoF at TNC16 where the 5 different WISE working groups (SCIV2, STAA, RAW, SRA and SBOD) will be presenting their work so far.
My hope is to see as many people as possible joining me and the WISE community, to build the collaboration that will enable us to help Superman not only spin the world but make it a safer place!