GIS and Cybersecurity
Cyber attacks reportedly cost U.S. businesses $400 to $500 billion every year, according to Forbes magazine. The publication notes that this statistic does not include the significant number of cyber attacks that are never reported. Esri cybersecurity account manager Ken Stoni also told Directions Magazine that cyber threats are occurring more often and are becoming more serious. Geographic information systems (GIS) like those developed by Stoni’s organization are the latest weapon helping our nation and organizations around the world win the war against cybercrime.
GIS Helps Cybersecurity Specialists Map Cyber World
Image via Flickr by IntelFreePress
A geographic information science and technology (GIST) degree teaches its students how to use location data in a number of different ways. Graduates who enter the cybersecurity field learn how to use this location data to anticipate, identify, respond to, and recover from cyber-attacks, according to Patrick Fiorenza writing for Govloop.
“Geography matters, and the GIS capabilities are there to combat cyber threats,” Stoni explained at the GovLoop and Esri Meetup in 2014.
According to Stoni, cyberspace can be broken down into five distinct and mappable layers: the social/persona layer, device layer, logical network layer, physical network layer, and finally the geographic layer. GIS technology helps us re-conceptualize cyberspace as data flows, which can then be interpreted by GIS software. This software creates real-time visualizations that increase the situational awareness of cybersecurity experts by making the nebulous world of cyberspace more concrete.
GIS Helps Cybersecurity Experts Understand Cyber World and Act
Once visual representations of cyber networks are created, GIS helps cybersecurity workers understand these spaces. This discipline doesn’t just show cybersecurity workers what the networks look like, but also how networks are connected and how they communicate, according to Brandon Hoffman, the federal chief technical officer of RedSeal Networks. His organization employs GIS technology to identify vulnerabilities in cyber networks which allow security teams to prioritize their work and solve areas with the potential to do the most damage first.
GIS Helps Departments Coordinate Cybersecurity Efforts
In its white paper, The Geospatial Approach to Cybersecurity: An Executive Overview, Esri explained that cybersecurity involves the coordination of a number of departments, including information technology, operations, system design, and network analysis and maintenance. These departments must coordinate and share information when working to protect their networks from cyber threats or responding to attacks. Every device within an organization can be an entry point for an attack, so it takes a considerable effort for these departments to coordinate their work. GIS provides a common operational picture which all departments can work from.
Esri says coordinating efforts is also made easier through a system it calls cyber supply line, which provides a consistent, recognized path through network infrastructure. The cyber supply line identifies the most important devices for a mission’s data flow. This helps narrow an organization’s focus, so rather than managing a few thousand devices workers can concentrate their efforts and resources on a few dozen.
GIS is a vital part of the world’s cybersecurity strategy as businesses and government authorities do their best to win the war against cybercrime.