Andy Bates: Cybersecurity Will Be the Biggest User of AI in 2018Wednesday, February 21, 2018
High-Tech Bridge opens a series of interviews with cybersecurity influencers and thought leaders who shape the industry. Please meet Andy Bates, Director of Global Cyber Alliance.
Andy Bates joined the Global Cyber Alliance (GCA) in September 2017 as its Executive Director for the United Kingdom and Europe. He brings more than 25 years of experience to GCA, having served as a Chief Engineer, Business Development Consultant, Product Development Director, IT Director in Racal, Cable & Wireless and Level3. Mr. Bates most recently served as the CTO at Verizon EMEA. While working across a range of technologies such as network, cloud, mobile, VOIP & identity, Mr. Bates has tended to specialize in large secure solutions for governments and challenging the status quo and conventional wisdom of security.
He was deeply involved with systems such as Government Secure Intranet, PSN, Police National Network, as well as working with all the major UK government departments and international government customers and agencies, including NATO. Mr. Bates is a Chartered Engineer and Fellow of the Chartered Management Institute. He has presented at multiple conferences including RUSI, EU Parliament, Johannesburg, and Budapest. He is married, lives in Hampshire, UK and is a passionate sailor and skier, whilst also being chairman of a charity in his local community.
Andy answered ten questions about some of the most significant topics in modern cybersecurity:
What is your vision of a perfect public-private partnership to effectively fight cybercrime?
Perfection is a difficult thing - how do you know when you have achieved it until something better comes along? The state cannot do everything, and internationally they are limited. An international force doing good work feels like an ideal private partner for public bodies. Also, the commercial world is very effective. Profit is a good motivator, so there could be a perfect combination of commercial cyber defense, law enforcement (which should always be in the public space) and a not-for-profit acting globally.
How does UK overcome the difficulties of international collaboration when investigating and prosecuting cybercrime?
There are many techniques established for conventional crime such as Interpol, Europol and NCSC/NCA who all interface very well. Although this space has its challenges, it is important to arrest the right people so these systems have safeguards in place. Our role is prevention and education. An analogy is if you put good lights in a street you reduce crime, but the lights aren't put there by police.
How do you rate the role that nation-state hacking groups play in the global landscape of digital crime?
Difficult one to answer as we look at prevention only, so we don't differentiate. It’s hard to prove. But “conventional hackers” look for money or glory. State-based actors have other agendas which makes the problem more interesting. That said, the theft of IPR is massive so espionage techniques are used by “commercial hackers” as well as state-based ones. The answer is to get as much diverse protection as you can.
Do you expect hackers in the near future to target ICS and SCADA systems to cause massive destruction, deaths and damages?
Yes, we have seen this more and more in the press and is arguably driven by state-based actors.
Do you think that UK law enforcement agencies receive sufficient funding and governmental support to efficiently fight cybercrime?
I guess there is never enough otherwise there would be no cybercrime, but I feel that the UK, with NCSC & NCA, is having a bigger impact than some other countries. I feel that more can be done to educate the public on the basics of cybercrime prevention. Prevention is clearly more cost effective than detection and prosecution.
What is your take on the risks of Machine Learning and AI usage by cybercriminals to outperform the good guys?
This is a big debate. CCS insights predict that cyber will be the biggest user of AI in 2018. This is due to the fact that virus protection simply has to adopt AI to be able to cope. If cyber criminals use AI to think like bad guys then they have multiplied their attack weapons 100-fold, so this is a bad thing. The saviour is that AI and ML work well when learning from masses of people. Criminals do collaborate, but they don't have a “bad guys university.” This means AI will only learn from a small talent pool, and this will gate its effectiveness compared to its cost.
How do crypto-currencies, including various Altcoins, impact cybercrime proliferation?
Well this is how people trade on the dark web, so without them the money flow is easier to spot. They add the life blood to the bad systems.
What is the role of insecure web and mobile applications in the skyrocketing data breaches?
They provide free, untraceable computer resources to the bad guys to mount attacks and hide behind. Why buy a server farm when you can use a virtual one which is based in 100 reputable companies?
Which free services SMEs can use to assess security, privacy and compliance of their systems?
GCA offers Quad9 and a DMARC implementation tool, both free, to protect SMEs. We also applaud the High-Tech Bridge's ImmuniWeb® platform for giving easy-to-use web and mobile app scanning. Between all of these, a SME has gained alot of free protection and advise. If only everyone changed their passwords and used two-factor authentication also, we would have 95% of the attack vectors covered with these 4-5 aspects.
What are the biggest challenges you face at Global Cyber Alliance and how cybersecurity industry can help?
When we offer all our solutions and tools for free funding becomes a natural challenge. However, the security industry can help us by distributing our free tools which complement the work of most the industry. Also, there is alot of good threat intelligence out there which we can use for the greater good. Finally, we don't have a monopoly on good ideas. For example, if industry wants something like a global honeypot network, let’s talk about how we can partner to build something for the benefit of everyone. That’s what we do best!
About Global Cyber Alliance
The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to confronting cyber risk and improving our connected world. It is a catalyst to bring communities of interest and affiliations together in an environment that sparks innovation with concrete, measurable achievements.