Cybersecurity is an important topic in today’s political and security climate. Our staff recently had a Q&A with Dr. Clay Wilson, a leading cybersecurity analyst.
About Dr. Wilson:
Dr. Clay Wilson is the Program Director for Cybersecurity graduate studies at the American Public University, where he has responsibility for designing new courses. He is past Program Director for Cybersecurity Policy at the University of Maryland University College (UMUC), where he oversaw development of new graduate-level courses. Dr. Wilson is also a former analyst for national defense policy at the Congressional Research Service where he analyzed cyber intelligence reports for the U.S. Congress and NATO committees on net-centric warfare, cybersecurity, nanotechnology, and other vulnerabilities of high-technology military systems and critical infrastructures.
Dr. Wilson is a member of the Landau Network Centro Volta, International Working Group, an organization that studies issues for non-proliferation of CBRN and Cyber Weapons. He has moderated panels for the National Nuclear Security Administration on nonproliferation for Cyber Weapons in Como, Italy, and has presented at the China Arms Control and Disarmament Association in Beijing. He has also presented at the US Defense Cyber Investigations Training Academy, at the US National Defense University on the topic of cybercrime, and at the Cyber Conflict Studies Association on the cyber capabilities of terrorist groups. Other projects involved research and training for Abu Dhabi government officials on computer security and network technology for defense and crisis management while living in the United Arab Emirates. He received his PhD from George Mason University.
- Could you briefly tell us a bit about your area of expertise and the work you’ve been involved in?
Cybersecurity technology will continue to evolve at a rapid pace, and the policy required to manage its uses will always lag. Network technology has evolved to enable small groups or individual extremists to send malicious attacks through the internet that can disrupt nations and bypass traditional military protections. I have been fortunate to work with Congress, NATO, and the US military by reporting on some of the vulnerabilities found in technologies for new weapon systems and the possible levels of risk to our national security. Individuals and businesses have a responsibility to protect their cyber security at the local level. I have been able to influence law makers to give more attention to designing policy for better management of new technologies.
- From what I’ve read, you’ve been in the field for quite a while… how did Cybersecurity change over the years? What do you think it will look like years from now?
In the very early days, computer facilities were often unlocked and open. Then, people could tour facilities with their friends and look at the fancy lights on the systems. Today, we recognize that these systems are so important to every industry and government service that they must be carefully protected along with the data that is processed. Computer facilities were once considered to be only a domain for technologists. Cybersecurity is now considered an important management issue. Positions now have titles such as CIO and Information Security Officer, with top management responsibilities.
- Are there any developments in particular which you think will change Cybersecurity?
Technology will certainly continue to evolve and new services and conveniences will emerge in ways we cannot entirely imagine. For example, today we have wearable devices that can record biological signals, which are then transmitted through the network to central databases where they can be observed and monitored by doctors who are located great distances away. This is a wonderful development that can improve the health of many people around the world. Doctors who work entirely through the internet will no longer need to be nearby, or even in the same country, to manage individual health care. However, this new convenience also offers new opportunities for malicious actors to cause disruption. Society will need to find ways for cybersecurity to protect the health and privacy of citizens around the world.
- What would you advise someone wanting to develop a career in Cybersecurity? What should he or she seek to learn, what skills should be developed? In other words, if you were hiring someone, what would you like to see?
Most companies today are looking for cybersecurity technology workers with the skills to understand and operate newer technologies. There is a strong need for network administrators and systems analysts who can help detect the complex and subtle intrusions where hackers and malicious code try to sneak quietly into computer systems hosting sensitive data. These skills are important for maintaining national security, as well as corporate security. There is also a need to protect against loss of proprietary intellectual property due to deception and cyber espionage, whether coming from other countries or industry competitors. Cyberattacks are now also directed against end users who can be deceived into revealing their user IDs and passwords. Technology by itself often cannot protect against this type of cyberattack. Cybersecurity policy workers provide instructions to users and organizations about methods for best practices to prevent users from mistakenly allowing threat actors to hijack computer systems and steal sensitive data. Cybersecurity policy analysts also attempt to manage interactions between organizations and countries as they share commerce and communications over the internet.
- Are you a fan of formal education all the way, or do you believe that in order to become really good, you have to study and practice a lot on your own?
All cybersecurity practitioners need a background that makes them familiar with some of the technologies used for computer operations, or used in software programming. Personnel with cybersecurity responsibilities need to have similar understandings about the basics of computers and software whenever they are required to work together to solve cybersecurity problems. The best way to gain a strong background in the basics is to obtain direct experience working with the computer or programming technologies and then supplement that experience with formal education where the theories behind these technologies are explored and researched. Some very talented individuals are able to bypass the requirement for a formal education because of their intense devotion and focus on developing their skills by using the technology. Law enforcement often hires hackers because these are the people who have the best knowledge about what to look for when there is a need to investigate a computer intrusion or data theft.
- You’ve worked at the highest level, with the US Congress and NATO. If you can, please describe the type of work typically involved in the day-to-day work (what kind of attacks you have to face, how you improve security principally, etc).
Cybersecurity is gradually being recognized as a global problem, not just one that can be handled by domestic laws. Different countries need to cooperate to reduce crime and disruption because victims can reside in one country while threat actors can reside in another. Countries need to agree to work together to enforce similar laws through signing treaty agreements. There needs to be cooperation on extradition principles as well as on how to reduce threats to technology. These are mainly policy considerations, where cybersecurity experts provide guidance to help law makers from all countries appreciate global cultural differences and to develop understandings that are beneficial for global economic growth along with mutual respect worldwide.
- I found this particularly interesting bit on your LinkedIn page: “New threats are examined, such as Electromagnetic Pulse and Microwave Directed Energy, along with the vulnerabilities that are targeted by new Advanced Persistent Threats.” What exactly do you mean by “electromagnetic pulse and microwave directed energies”? How are they a threat to cybersecurity?
New technologies sometimes defy common understandings based on past experiences. For example, directed energy can be used to overheat and disrupt computer circuitry. Movies often incorrectly portray electromagnetic pulse (EMP) as a temporary disruption where computer systems can just be switched back on after a few minutes downtime. The reality is that unless a system is carefully protected, after it is hit by a pulse of high energy the computer is practically useless and can just be thrown away. People are not used to thinking about cybersecurity in this way. However, devices that produce strong EMP can be purchased now over the internet because they have commercial uses. An extremist or terrorist group may one day choose to use such a device to cause local or widespread disruption. It is the responsibility of educational institutions to prepare cybersecurity practitioners so they understand realistically how newer technologies can be used in a cyberattack and how to realistically protect against the newer types of threats, such as directed high energy pulses.
- As far as you can divulge, what are the greatest cybersecurity vulnerabilities and what measures do companies and governments take to address them?
Cybersecurity technology is very sophisticated now. Threat actors know this, so they bypass these protections and direct their attacks against the end users. Advanced Persistent Threats (APTs) involve deceiving users into revealing their passwords so hackers can take over systems by impersonating inside users. Technology cannot stop this type of attack, so end users need to learn and follow best security practices to protect their sensitive information from theft and misuse. The newest type of cybersecurity threat is called a cyber weapon. The best known example is the STUXNET malware cyber weapon that was launched against Iran to delay their nuclear development program a few years ago. The cyber weapon was inserted into Iran’s top secret computer system by fooling local technicians into picking up a thumb drive and inserting it into a computer running inside the facility. The thumb drive contained the STUXNET malware, and the end users did not follow best practices. The STUXNET cyber weapon secretly operated to make the nuclear facility equipment malfunction for several years before finally being detected.
- Is there anything else that you feel anyone interested in the field of cybersecurity should know? Feel free to add anything at all!
If you are interested in technology, study the field of Information Assurance. That involves cybersecurity with a focus on the operation of hardware and network systems. If you are interested in managing the technology and working for better global cooperation, study the field of cyber security policy. That will help create better strategies for managing the technologies that are constantly changing. Two examples of the newest technology developments are robots and 3-D Printing. Robots are just computers that move, but they will eventually make decisions acting as proxies for people. We will see this soon in the form of self-driving cars. 3-D printing threatens the existing laws and policy for copyright and patent because electronic files for 3-D objects can be pirated and transmitted instantly around the globe, similar to the way MP3 music files were once pirated and swapped among computer users on college campuses. The future holds much promise for new conveniences and new vulnerabilities. There will be many directions where cybersecurity will need to be applied in new ways.