Workshop: Multi-domain cyber risks and how to deal with the difficulties of mitigating them
“Cyber” is often seen as a rather isolated, technological challenge. However, many – but not all – weaknesses are in fact human or organizational, with the most problematic fault lines often located at the intersection of different systems or domains. A lot of successful attacks exploit different types of weak points to succeed, for example by first using social engineering and then exploiting technical weaknesses. This talk will start by giving an account of such multi-domain risk problems as well as the considerable complexities faced by security professionals, to then discuss empirically the difficulties associated with building trust and establishing reliable cooperation in the sector of information and IT security. Based on this analysis, the talk will outline the faults of current regulation regimes, and what can be done to improve security on the internet. Finally, it will focus on a particular aspect of online criminality, the trade of illegal material via the dark-web. Indeed, the issues of trust and cooperation are worse for criminals than they are for defenders, revealing an avenue for law enforcement to exploit.
Coffee and refreshments provided.
Laurin Weissinger is a doctoral candidate and researcher at Oxford University and a visiting scholar at UC Berkeley’s Center for Long-Term Cybersecurity. His research focuses on IT security and cybersecurity. Weissinger is particularly interested in better understanding the cooperation between different actors in the defense sphere; how information and intelligence flow though networks; trying to capture the whole "system" of human actors and computing devices; and the role of regulation and standardization in risk mitigation within organizations.