Cybersecurity: a moving target
Executive Director at Tikehau Capital
Director of IT Practices and Offers at ALTEN
Cybersecurity threats are varied, both in their forms and their sources, which range from the state level to the lone individual. They are also increasingly present in every aspect of our lives. In this interview, Francois Lavaste, Executive Director at Tikehau Capital, which manages private equity investment funds specialized in cybersecurity, and Laurent Vromman, Director of IT Practices and Offers at ALTEN, discuss cybersecurity trends in the aviation, defense and space sectors.
What is the importance of cybersecurity in aviation?
LV: Obviously, the financial stakes in aviation can attract cybercriminals. Add to this the growing ecological awareness of the impact of aviation; this means that we’re going to have more and more hacktivists against pollution, or against the rich who spend too much money on their planes. We’ve also, unfortunately, been aware of the threat of terrorism for a very long time in aviation. This is a sector that involves a lot of people, which also means that the threat to personal data can be extremely significant. For instance, there’s been a lot in the cyber press recently about the dangers of charging your phone in an airport – so-called “juice jacking”.
FL: Air transport is a quasi-universal means of reducing the size of the planet. Thanks to aviation, we’re in a logic of connection, tourism and business. The promise of air travel is to shorten distances. Yet it involves an extremely broad attack surface: airlines, airports, logistics, traffic management, equipment suppliers. It is an extraordinarily wide ecosystem in which every link in the chain is interdependent. If the ticket printing system doesn’t work, I can’t take my plane. If my personal details have been compromised, I can’t fly. Every link must be functional.
Are cyberattacks also a trend in terms of defense?
FL: Clearly, there are no longer military operations without a cyber component. In military theaters, we’re in information warfare as much as land warfare – disinformation operations, network manipulation and the like.
LV: There is also the discretion factor: even in times when there may be tension, but not a physical war, cyber activity can be maintained because it is discreet, difficult to prove. It is not necessarily recognized as an act of war when it occurs, yet it allows us to prepare the ground and maintain permanent vigilance over a potential enemy. Indeed, all warfare today is hybrid; increasingly, cyber warfare will certainly come first.
FL: This is related to the question of attribution, one of the key problems in cyber. Attributing an attack definitively is often very complicated. In addition, you can be manipulated into thinking you’re under attack, when in fact you’re not. There are a lot of situations where the truth isn’t clear-cut, black and white, and that makes it much more complicated to deal with.
Do we have a mature knowledge of the threats today – are we capable of responding to them?
FL: The important thing to remember is that the threats are extremely dynamic. We constantly have things to improve, new threats. There’s incredible creativity on the attack side. I think it’s an ongoing effort that will never stop. All this means that there must be inter-actor collaboration: coordination among airport operators, airlines, aircraft manufacturers, supply chains, etc. They all need to work together and agree on measures that are transversal, horizontal.
How does ALTEN see its role in this panorama?
LV: At ALTEN, we have international coverage that addresses a significant proportion of cybersecurity needs. We also benefit from a unique position: we are close to our customers’ products and can leverage our engineering knowledge, as well as a strong information technology track record. A good example is endpoint protection and cyber incident detection; in Spain we have close to 200 people supporting Telefonica in these activities. In France, in the aerospace field, we lend support to Thales on various topics. We’ve carved out a place in the cybersecurity ecosystem that is perfectly tailored to ALTEN’s strengths, and we’re building on that.
In most cybersecurity areas the technical maturity that exists is on the defense side, but the maturity of customers and players is very variable from one to another. One of our challenges is to help our customers understand the issues – where they have weaknesses and how to correct them – to improve their overall cybersecurity standing.
It sounds like we are too reactive. Is it complicated to be proactive?
FL: One of the major trends in cybersecurity in recent years is referred to as “shift left”. It implies the need to integrate cybersecurity from the earliest stages – as soon as you imagine a computer code or an operational system. When developing connected systems and software, there is always the pressure to bring them to market quickly, to make them available to customers. This can result in overlooking a lot of vulnerabilities, of attack surfaces, and this means that after the fact, you need to repair, patch and isolate. This is not a smart way to do things. More and more, we’re seeing business applications that integrate cyber as their differentiator: they’re not in the business of protecting against attacks, they’re in the business of developing applications that integrate protection as their unique selling point. This is the trend of the future.
What about cybersecurity in terms of space?
LV: Without a doubt, in the space sector cybersecurity has become essential. There are 7,000 or so operational satellites in orbit today, half of which belong to SpaceX. These satellites provide day-to-day services to governments, businesses and individuals, and have become truly indispensable in terms of security, data confidentiality and so on. Of course, there are people looking to penetrate, to bypass the systems. Satellite technology is unique; it is materially different and uses very specific protocols. We’ve relied too much on this in the past, thinking of the space sector as literally outside the rest of the world. Today, this is no longer the case.
FL: Awareness of the space cyber threat is high now. The logic of an attacker is always to look for the weakest link in the chain. In a satellite, it’s the modems, the receivers. Protecting the weakest link – the chink in the armor – requires, once more, collaboration among the players.
LV: There are critical interdependent systems that we don’t necessarily imagine. That’s the difficulty of cybersecurity. And that’s why even among competitors, cooperation is essential from a cybersecurity point of view. This is where ALTEN has a clear role to play – in linking people up and helping our customers to see the bigger picture.