Cyber Law: Everything You Need to Know

Automatic TRANSCRIPT

You know, we hear every day attacks and hacking, and all of this kind of stuff at Facebook, or you know, even this week at Amazon my goodness. But it's so much bigger than that you, and I both know that. So it really is a question as you said in your outlined before you can understand tax adversaries and mitigation options. The to understand the environment that we operate in. So what is eyebrows space? Well, thank you for having me this morning. I may you know, it's it's a large and almost unwieldy unwieldly complex topic. And I'm looking forward to getting some specific areas over our conversations about cyber risk. But to really understand what that risk looks like and to look at how governments businesses and even we as individuals can begin to mitigate reduce that risk. You do that whole what we government we refer to operating environment. So what really want everyone to walk away? Today are coming up city of two different things. What cyberspace really is what in compass and also what we call a cyber attack surface and other term talk about a little bit. These are foundational pillars to understanding cyber risk. And why cyber threats are so important and important to all of us and a lot of different ways some obvious when our banking accounts hat, some not so obvious in the sense that everything's interconnected, and that's going to impact nearly every aspect of our lives. So so this is going to be pretty elementary because I want to start what kind of broad overview and evolve discussions. From that funny show understanding inches some specific risk areas that we're gonna talk about in time. And why am one of the things we're going to address over time is what congress did something. What if congress actually will be nice this what we one of things? I hope you is listeners walk away with from today's discussion in the subsequent discussions. We're gonna have is just how big just how important and just help potentially dangerous. This space is while congress thinks infrastructure is potholes. Indeed, the first please think in world and everything you can see everything, you know, about it. Continents countries. Borders, fiscal borders, political borders, if oceans waterways, trysofi provider's office buildings laws regulations. All of these things are designed around the concept of national sovereignity and are defined by those borders of markets and governments and industry operating each. It's a world we've known since the dawn of human progress that shapes our every engagement in our interactions. It's a well we can travel cross too. But it takes hours sometimes days pay on. How far you're going now to understand the cyber operating environment. What it looks like I want you to begin imagine a scale magnitude, which cyber risk redefines everything so think of cyberspace as nother world overlaid on top of that physical world and. Cyberspace world. There are no geopolitical borders. There's no natural border snow real borders of any kind, and it is one that can be traveled across at least the information from a computer can. But takes literally fractions of a second run two hours days. We take physically move across that now because this cyberspace were encompasses and impacts everything in our physical world. It does not, but does not have the same geopolitical legal distinctions. We have always governor selves by. So it raises serious questions about how do you enforce what should be reasonable behavior? Let's look at it. Another way laws long ago, an internationally accepted established what is quote unquote, normal behavior for a country to country interactions. If you fire a missile over the border adversarial country, it's an act of war clear-cut, perhaps even likely so even if you don't actually kill anyone. But if you fire cyberattack across the same borders, and you use it to say stealing lectu, probably is not an active war. What if? A cyber attack took out electric grid, which in turn got the power to community hospital, resulting the deaths of patients who couldn't be treated should not be considered any different missile lands in somebody's house reasonable people. Argue it certainly should. But the point is the laws not that clear cut as not black white inter still a lot of gray area when it comes cyber operations have yet to coalesce into any kind of standards of normative behavior between countries and that offers. Countries with ill intent great great opportunity. It also in an we don't mean just from a Connecticut warfare fence. But clearly as we are seeing now in the trade negotiations with China. Differing laws differing philosophies about what it means to electrically steal from someone else or electronically to snoop or eavesdrop on somebody else. Let's important point. I touch them. I want to go on the staff of intellectual property is a longstanding problem was greatly exacerbated by cybersecurity is when we think about cyber it's important to remember impacts bill's economic security and national security the defense side of the national scale that relatively obvious think of as missiles again, the cyber attacks against say military governates he's, but there's a number countries in the world who argued economic security is national security vice versa, don't really draw any distinction between them. So they allowed our military cyber operators to do fairly broad another piece to this equation, those attribution instantly, we're gonna talk a lot about and coming weeks. How how you know who did an attack? And as well beyond today's conversation. But as important to understand for now that actually bution in general, it's pretty hard to do. And it can be fairly slow to actually be very slow depending on on the specifics of cyberattack see how this kind of political wild west nature of cyberspace very few loss to guide or set, what should be normal and acceptable behavior. And you have the challenge of attribution making it relatively easy for cybercriminals to do this kind of work anonymously in that encourages cybercrime and a lot of it in a foreign hackers. Try to explain people businesses governments in order to get something funny. It's a lot of it. For example, sometimes simple hacking, banks. Sometimes it's a ransomware attack shutting off access to your to your all of your data, forcing all employees in a company to pay up bitcoin or some other non Mus cryptocurrency or lose their data. Sometimes it's something more sophisticated. I'm reminded a two thousand twelve s give or take a couple years case, which Subir criminals hack their way into the port of Antwerp Belgium, nor to modify shipping container manifest before ships had actually. Arrived. They do this in funnel hundreds of millions of dollars worth of drugs guns money from three years tonight efforts. There are a lot of ways crime impacts not only rampant, but it is growing significantly. So no sign of abating as the next week. We'll start looking at this specific risk areas about why it why not continuing. As we all know. Well, most of us have been hack at some point or another even if we don't necessarily realize that people can also get exploited directly, your computer could be hacked can be stolen using it for mation gleaned from hacks places like equifax, so your Bank, and guess believe or not there really are people respond to the Email for deaf ear businesses that gave associated prison Nigeria offering you cut of a twenty five million dollars state if you'd only wired money ahead of time. There's a lot of reasons why this kind of stuff continues. Yeah. Actually, I know somebody who was approached and did put out some money owed here. Yeah. Yeah. People people can be gullible in some of these EV these attempts have become quite sophisticated unless the key because what's changing cyberspace sophistication level. We won't even talk for now about artificial intelligence. But there's a lot of things are making making these kinds of attacks much easier to reeducated and a lot. It's it makes people a lot more receptive to the risk itself. Yeah. Well. The the very basic, very basic nature of this is everything from that little phone in your hand everything in this world is now

Coming up next