Cyber Public Health: A new approach to cybersecurity
Bill Reid
Security Advisor, Office of the CISO, Google Cloud
Taylor Lehmann
Director, Office of the CISO, Google Cloud
At Google, we believe the approach to cloud infrastructure should be informed, in part, by understanding the relative “health” of the internet. Defining and measuring these vital statistics can help proactively and systemically identify and address conditions that make the internet unhealthy, unsafe and insecure. Crucially, they can be used to help craft a holistic view of the internet that applies the principles and science of public health to cybersecurity — an emerging field known as Cyber Public Health (CPH).
We're excited to announce our support for the practice of CPH, which can help us understand whether the individual efforts organizations take to secure their systems are adding up to a greater overall cyber public health benefit. CPH is about managing the risks the internet faces, which can only be done by looking at the bigger picture. That means going beyond vulnerabilities and incidents, and into practices that work to keep internet-connected systems safe and secure.
For example, one way we can measure CPH is to look at the cumulative effect that patching vulnerable systems has on decreasing the spread of malware and improving global system uptime. To do these types of measurements, organizations need to define, measure, and publicly report the equivalent of common health data, or vital statistics, as is done in public health reporting today. With this larger data context, we can understand the overall health of the internet and use that information to employ practices that work in keeping systems safe.
Getting better comprehensive data
Traditional cybersecurity models often react to individual threats, leaving organizations vulnerable to new and evolving attacks. Existing data is often fragmented, siloed, and difficult to obtain, making it challenging to identify trends, patterns, and risk factors at a population level.
Given that many security compromises are not disclosed, little can be learned collectively about what created a particular vulnerability, how it was exploited, what provided a “cure,” and what can ensure prevention of similar vulnerabilities in the future.
As a community, we lack comprehensive data on the overall health of the internet. We believe that CPH can help us broaden our understanding of the internet’s health because it’s principally about measuring and reporting the practices that have been proven to reduce cyber-risk.
From reaction to prediction to protecting the internet
CPH offers a paradigm shift in cybersecurity. By using data-driven insights and fostering collaboration between stakeholders, CPH can help us build a more secure and resilient digital ecosystem. Google Cloud is committed to supporting this new approach by investing in research, developing innovative tools, and promoting information sharing across the cybersecurity community.
The CyberGreen Institute, a champion of CPH and an organization dedicated to measuring the health of the internet, recently co-hosted a workshop with Google Cloud. Rather than focusing reactively upon treating threats and responding to attacks, the CyberGreen Institute empowers people and organizations to take proactive measures to help them avoid and mitigate cybersecurity issues. “Such approaches are analogous to treating a case of malaria through medicine, while leaving the nearby mosquito swamp untouched or developing cancer treatment technology while paying little attention to the population’s tobacco use,” said Adam Shostack, lead author of the workshop report.
The inaugural Cyber Public Health workshop brought together experts from various fields to discuss the future of CPH. The workshop identified key areas for research, including:
- Defining the fundamental units of measurement in CPH (including devices, accounts, and users).
- Identifying reliable data sources and addressing privacy concerns.
- Developing standardized incident reporting forms and metrics.
- Investigating the cybersecurity impact of emerging technologies, including AI.
One area of discussion was the concept of Digital Activities of Daily Living (DADLs). Similar to the approach of measuring the impairment of human physical health by assessing the ability to complete daily, routine activities, DADLs extend that concept to digital lives.
“DADLs represent the critical digital tasks that individuals, organizations, and even nations must perform to maintain a healthy and secure cyber ecosystem. Just as ADLs are crucial for physical well-being, DADLs are essential for modern digital well-being,” Josiah Dykstra, director, Strategic Initiatives, Trail of Bits, wrote in a recent CyberGreen blog.
Google Cloud is actively involved in these research efforts, collaborating with leading organizations and researchers to advance the field of CPH.
What’s next
Cyber Public Health is a promising new approach that, together with ideas like those put forth by the public-private PCAST Cyber-Physical Resilience Strategy, has the potential to revolutionize cybersecurity. Google Cloud is proud to be a part of this movement, and we invite you to join us in building a healthier and more secure internet.
We encourage you to learn more about Cyber Public Health and the work of the CyberGreen Institute. The Workshop Report is here.
Together, we can create a safer digital world for everyone.