Picto Diary - 21 October 2018 - Alex Stamos, Hoover Retreat, Stanford University
ALEX STAMOS Stanford Professor, visiting fellow, Hoover Institution. Former chief security officer, Facebook. 21 October 2018
"The Peril and Promise of Cybersecurity and American Competitiveness"
Takeaways
US strongest world player in cyber talent. But...
Conundrum: In US cyber war efforts are government supervised mainly via NSA. Not so China/Russia where cyber war efforts are privately developed and later hired/channeled by government. China/Russia far more organic, and because of no constraints, far more effective in offensive cyber warfare.
US doesn't allow privately developed cyber warfare efforts.
Free nature of our culture makes us uniquely vulnerable to cyber attacks.
Russia impact 2016 elections. Three types of action:
1. Push out propaganda on internet. Both parties.
2. Hack and leak.
3. Attack elections in 30 states. No perceptible impact benefiting one side or the other.
Tech leaders crisis of conscience. Young tech people now have weighty responsibilities of world consequence for which they are ill prepared. Steep learning curve. Its not just about bits and bites anymore.
Many different constituencies for tech companies to balance.
Example: Germany's history of censorship. Facebook now charged with responsibility of enforcement of German censorship law.
Example US: Censorship of hate speech. Who decides what that is? Very tricky territory. In US, risk of tampering with long held constitutional practice. Dangerous ground.
Issue. US has no cyber security policy.
NSA is US cyber command.
All US units leaning towards offence, even if uncoordinated.
Rob Joyce, talented cyber head for National Security Council fired. No national cyber security coordination or leadership.
Legal issues for US if it ramps up offence in cyber war. Will international law be directed against hypothetical young, NSA hacker working to disrupt China Ministry of State Security?
Tech companies need to get act together. We need to be a lot more 'Long Island" and less easy going "Palo Alto." . Must build adversarial thinking into products.
Need financial basis for journalism.
Need single federal data protection authority.
Need better international norms. We'd be shocked at what happens today.
Idea of cyber warfare helping only one side is ridiculous. — at Hoover Institution.