Electric grids, banking systems and cyberweapons have one thing in common, but what? Any system controlled or operated by computer program is cybersystem. But is it possible to create a perfectly secure cybersystem? Not if you intend to let anyone use it. Is it possible to create cybersystems that won’t inevitably be crippled by attacks? Most people would say no to this, too. However, John Manferdelli, who is the executive director of Northeastern University’s Cybersecurity and Privacy Institute, thinks we can.
John elucidated that “Engineers are used to building things that will be resilient to passive threats, like the weather on a building, for example,” and expressed that the idea of safe cybersystems are turning out as a pure dream as the only prerequisite is to analyse the attacker. Cybersystems can never be safe but its operators have to be attentive and cautious towards malicious people. Their nature isn’t malicious. Manferdelli said that keeping cybersystems secure will require the people who design them to have to plan for when they fail and to be prepared to respond blazing quick to an attack.
Keeping the cybersystems safe requires herculean effort as all the sectors are cyber-enabled and the only trustworthy source for public. Cybersystems have to be able to withstand people who are actively trying to attack it and then bounce back gracefully when they are attacked. These two concepts namely the defence and the ability to bounce back quickly are the foundation of what makes a system resilient. Cyber resilience is possible only when we don’t wait for a perfect cybersystem and rather focus on analysing, monitoring, and modifying the current cybersystem.
Harminder Singh