Technology comes second to creative thinking, says UK cyber expert Pete Cooper during today’s virtual keynote
‘Diversity’ was a key watchword during the Black Hat Europe keynote today (December 9), as cybersecurity luminary Pete Cooper described how lessons learned across a variety of domains can be usefully applied to the infosec realm.
Now deputy director for the cyber defense government security group at the UK Cabinet Office, Cooper told attendees this morning that much of the knowledge he accrued in a long career with the UK Royal Air Force – first as a jet pilot, then as an aviation cyber expert – was readily transferable to cyber defense in general.
This included being able to do the “fundamentals” – managing risk and detecting, protecting against, and mitigating cyber-attacks – “without thinking”.
This cornerstone “enables absolutely everything else” in governmental cyber defenses, he added.
Cooper, who first learned about computing via the ZX Spectrum 16K, said success is defined not by who has the best technology – which adversaries also have access to, after all – but by “our thinking”.
This should include thinking about an organization’s SWOT analysis more effectively than its adversaries, and conducting testing objectively, finding the edge cases and understanding and communicating the risks to decision-makers.
Pete Cooper delivered the Black Hat Europe 2020 keynote
“Defense in depth is [also] critical in both flying and cyber defense because it’s key to remember that things will go wrong – users click on [malicious] links and back end teams will set up a service incorrectly,” said Cooper.
Recalling how he once accidentally started shutting down his aircraft’s only engine, the security pro said systems must have built-in resilience – they must be “designed to [be] fail-safe”.
The right culture is fundamental, too. Employees must be empowered to report problems and question assumptions to “understand what is happening below the surface”.
Referring to his time collaborating across multifarious British Air Force units with sometimes competing priorities and perspectives, he said: “To collaborate you need to be able to communicate – and that wasn’t just technical because we were separated by more than just our languages our specialisms.”
Forging a common vision among diverse teams must be supported by the right policy, strategy and technology, he added, with skills and people the “critical enabler for all of that”.
There must be “diverse pathways into the industry” if we’re to effectively “mentor the next generation”, said Cooper.
Reflecting his belief that experience in an eclectic range of domains can generate insights that are useful in the cyber arena, the Cyber 9/12 Strategy Challenge, a UK competition Cooper helped to launch in 2012 during his stint at The Atlantic Council, seeks university students with a passion for, rather than expertise in, cybersecurity.
The participants have generally had a 50-50 gender split, the speaker noted.
There was also praise for CV19, which has helped more than 700 healthcare organizations across Europe analyze thousands of suspicious IPs and report hundreds of critical vulnerabilities since its inception early on in the Covid-19 pandemic.
“Defending as one”, concluded Cooper, means collaborating effectively across government, industry, and the research and hacker community; consolidating resources and knowledge; having a clear vision, strategy, and culture; and understanding and reducing risk proactively at pace and scale.