Increasing global dependence on cyberspace, rapidly and continuously changing technology, sustained vulnerabilities, and advanced persistent threats are driving an increasing societal risk of attack in cyberspace. Assuring a broad range of infrastructure critical for a well-functioning society is essential in a broad range of areas including but not limited to communications, transportation, and commerce. Based on an engagement with government, industry, and academia, and building upon prior research in computer security principles, this chapter articulates a set of enduring cybersecurity principles that can serve as a focusing framework to improve trust and assurance of systems considering requirements, architecture and design, and operations and maintenance. This chapter first outlines the threat and its consequence, describes prior research in cybersecurity principles, and then outlines a set of succinct and actionable cybersecurity principles.
TopContested Cyberspace Environment
Increasing cyberspace threats, vulnerabilities, and dependencies are driving a rapid escalation of enterprise cybersecurity risk and consequences. Figure 1 quantitatively illustrates a number of strategic trends that characterize the cyberspace domain. For example, static malware signatures are expected to increase from just less than three million today to over 200 million by 2025. At the same time, fiscal constraints will limit resources to counter these threats and drive increased autonomy. By 2025 there will be an estimated 5.5 billion people online using 25 million applications, engaging in billions of interactions per day, and creating 50 zetabytes (trillion gigabytes) of data. While supercomputers will be able to sustain operations at the 10 Exaflops level, time will remain a precious resource given the speed of attacks and velocity of threat evolution. Integrated circuits will continue to shrink to around 8-10 nanometers. Unfavorably, the United States will experience a limited future supply of domestic graduates in computer science (e.g., 3,800 doctoral graduates per year by 2025 in contrast to China’s 8,500). One key opportunity will be steady growth in the $1.4 trillion in global R&D investments. The foreign portion of this investment will grow from 60% to over 70% which will mean both increased technical threats and opportunity originating from overseas.
Figure 1. Strategic trends 1999-2025
Another problematic trend is along the economic dimension. The 2013 Cost of Cyber Crime Study sponsored by Hewlett-Packard found there were over one hundred successful cyber attacks per company (an infiltration of a company’s core networks or enterprise systems) requiring on average 32 days to resolve each incident and costing each company on average $11.6M in 2013 (Ponemon, 2013), a 78% increase since their first study four years ago. The 2013 Global Report on the Cost of Cyber Crime found similar trends in Australia, Germany, Japan and the United Kingdom. Aberdeen Group (Brink, 2010) estimates that a software security incident costs on average $300k per event. Gorman (2013) estimates annual U.S. cybercrime costs at $100 billion. Beyond direct cost, financial damages of cyber-attacks are now beginning to potentially be existential for companies. For example, an empirical analysis of the impact of software vulnerability announcements on stock price (Telang & Wattal, 2007) found that a vendor loses around 0.6% value in stock price when a vulnerability is reported and that the first day of a vulnerability announcement resulted in an $860M average market value loss. These trends underscore the increasing sophistication, frequency, and damage of cybercrime on a global scale.
TopIncreasingly Consequential Threats
The growth in software systems size, complexity, and external dependencies implies increasing future consequences of software failure. This is evident across modern machines from robots to automobiles to aircraft. For example, Figure 2 illustrates the growth in how functionality dependent upon software grew from only five percent in Vietnam era F-4 fighter to over ninety percent in today’s Joint Strike Fighter (F-35), a combat system with over nine million lines of code embedded on the platform.
Figure 2. Capability growth in software in fighter jets