CybersecurityBolstering cybersecurity by taking a step back in time to analog security systems

Published 7 January 2015

Richard Danzig, the vice chairman for the RAND Corporation and a former secretary of the navy, is saying it is timeto take a step back in time and incorporate analog security systems into cyber infrastructure. “Merge your system with something that is analog, physical, or human so that if the system is subverted digitally it has a second barrier to go through,” he said. “If I really care about something then I want something that is not just a digital input but a human or secondary consideration,” he says.

Richard Danzig, the vice chairman for the RAND Corporation and a former secretary of the navy, is saying it is time further to incorporate analog security systems into cyber infrastructure.

The Age reports that Danzig spoke on the matter following the recent accusations by the U.S. government that North Korea was responsible for a cyber attack on Sony Entertainment Pictures.

“We could declare war based on what nations are doing to us now,” he said.

Speaking at New York University’s Polytechnic School of Engineering, Danzig told the audience that today’s policy makers were not doing enough to grasp the potential harm that can be done to critical IT infrastructures within the country.

“Their goal is a more modest one which is to alter our ability to act,” he said regarding key potentially threatening countries, “It is to imagine a situation where the U.S. government is to deploy forces abroad or make some major decision about supporting an ally or protecting our interests and the threat of cyber attack may be great enough that it undermines our ability to achieve that end.”

Pitching a recent paper which included input from academics, government and military officials, and private industry leaders, Danzig reminded the audiences that digital systems not only granted unprecedented power, but also created greater insecurity within that same sphere.

“Think about Edward Snowden,” he added. “He is not unique but what is striking is that we have had lot of people do that kind of thing [release classified documents] over history but we have never had someone who has taken 1.7 million documents. Snowden is empowered by the concentration we created.”

The solution to this, according to Danzig, is to take a step back in time and focus on more analog means of security.

“Merge your system with something that is analog, physical, or human so that if the system is subverted digitally it has a second barrier to go through,” he said. “If I really care about something then I want something that is not just a digital input but a human or secondary consideration.”

Calling these “our of band” measures, Danzig is now advocating for human intervention — even flicking a physical switch — in the hopes that networks are more safely protected.

First, however, the policy must change.

“Most senior policymakers have grown up in a world when cyber security was not a prominent issue…Most of the technologies are evolving faster than our comprehension of them.”

— Read more in Richard Danzig, Surviving on a Diet of Poisoned Fruit: Reducing the National Security Risks of America’s Cyber Dependencies (Center for New American Security, 21 July 2014)