The National Academies Press

Currently Skimming:

3 Closing Observations and Discussion
Pages 28-36

The Chapter Skim interface presents what we've algorithmically identified as the most significant single chunk of text within every page in the chapter.
Select key terms on the right to highlight them within pages of the chapter.

From page 28... ... If, when cars were first invented, we knew they would eventually cause 35,000 deaths yearly, their adoption might have taken a different trajectory, he said. Danzig observed that we are now psychologically used to cars and their consequences now and we accept those risks daily, while we remain uncomfortable with the risks of cybersecurity breaches. Read the entire page →
From page 29... ... Danzig recommended Antifragile by Nassim Nicholas Taleb to participants, which argues that the goal of resilience isn't to get you back to where you were, but to teach you how to rebuild to become better than before.1 Addressing the technological dimension, Danzig noted that while machines do have vulnerabilities, we should keep in mind that they also possess extraordinary abilities that can be used to promote resilience and recovery. For example, every keystroke can be documented and used to bolster deterrence, attribution, and retribution practices. Read the entire page →
From page 30... ... Tim Roxey, North American Electric Reliability Corporation (NERC) , talked about learning from the August 2003 blackout, when the power grid shut off in much of the Northeastern United States. Read the entire page →
From page 31... ... It's also important to remember how experimentation and learning from mistakes can help craft guiding principles, he continued, something that, for example, has helped the nuclear submarine community improve overall reliability. Considering Time and Scale Bob Blakley, Citigroup, reiterated Danzig's point that time is a crucial consideration for framing recoverability. Read the entire page →
From page 32... ... Blakley said that in his experience, there can be effective, mutual information sharing between government and industry, noting that financial institutions have received actionable information from the government. Danzig cautioned that informal information bartering within industry tends to benefit the largest companies in a field, while the smaller ones can be shut out of the relationship. Read the entire page →
From page 33... ... Manferdelli agreed that practice is important, but it first requires data, which in turn requires funding, something that may be in short supply at different times in an organization's lifespan. In addition, the challenges are further compounded by the fact that computing conditions are constantly changing, technology is not always transparent, and scale varies greatly. Read the entire page →
From page 34... ... Landau agreed that resiliency planning and AI in the workforce need to be examined carefully, and also suggested that considering computers as disposable elements could improve our ability to maintain updated software and reduce the temptation to invest undue trust in any one component. Closing Discussion Closing out the workshop, Danzig reiterated that recovery is a balancing act. Read the entire page →
From page 35... ... We are still in the early stages of thinking about recovery, and unfortunately the early years are the hardest. Eventually, good strategies will be adopted, he observed, but it may take many years, and many attacks, to understand what the real solutions are, a trajectory similar to that of aviation, which progressed from a daring and dangerous pursuit to a safe, routine means of transportation. Read the entire page →

From page 28...

... If, when cars were first invented, we knew they would eventually cause 35,000 deaths yearly, their adoption might have taken a different trajectory, he said. Danzig observed that we are now psychologically used to cars and their consequences now and we accept those risks daily, while we remain uncomfortable with the risks of cybersecurity breaches.

Read the entire page →

From page 29...

... Danzig recommended Antifragile by Nassim Nicholas Taleb to participants, which argues that the goal of resilience isn't to get you back to where you were, but to teach you how to rebuild to become better than before.1 Addressing the technological dimension, Danzig noted that while machines do have vulnerabilities, we should keep in mind that they also possess extraordinary abilities that can be used to promote resilience and recovery. For example, every keystroke can be documented and used to bolster deterrence, attribution, and retribution practices.

Read the entire page →

From page 30...

... Tim Roxey, North American Electric Reliability Corporation (NERC) , talked about learning from the August 2003 blackout, when the power grid shut off in much of the Northeastern United States.

Read the entire page →

From page 31...

... It's also important to remember how experimentation and learning from mistakes can help craft guiding principles, he continued, something that, for example, has helped the nuclear submarine community improve overall reliability. Considering Time and Scale Bob Blakley, Citigroup, reiterated Danzig's point that time is a crucial consideration for framing recoverability.

Read the entire page →

From page 32...

... Blakley said that in his experience, there can be effective, mutual information sharing between government and industry, noting that financial institutions have received actionable information from the government. Danzig cautioned that informal information bartering within industry tends to benefit the largest companies in a field, while the smaller ones can be shut out of the relationship.

Read the entire page →

From page 33...

... Manferdelli agreed that practice is important, but it first requires data, which in turn requires funding, something that may be in short supply at different times in an organization's lifespan. In addition, the challenges are further compounded by the fact that computing conditions are constantly changing, technology is not always transparent, and scale varies greatly.

Read the entire page →

From page 34...

... Landau agreed that resiliency planning and AI in the workforce need to be examined carefully, and also suggested that considering computers as disposable elements could improve our ability to maintain updated software and reduce the temptation to invest undue trust in any one component. Closing Discussion Closing out the workshop, Danzig reiterated that recovery is a balancing act.

Read the entire page →

From page 35...

... We are still in the early stages of thinking about recovery, and unfortunately the early years are the hardest. Eventually, good strategies will be adopted, he observed, but it may take many years, and many attacks, to understand what the real solutions are, a trajectory similar to that of aviation, which progressed from a daring and dangerous pursuit to a safe, routine means of transportation.

Read the entire page →

← Previous Chapter Skim

Next Chapter Skim →

This material may be derived from roughly machine-read images, and so is provided only to facilitate research.
More information on Chapter Skim is available.

3 Closing Observations and Discussion Pages 28-36

3 Closing Observations and Discussion
Pages 28-36