Magnus Carling, the Chief Information Security Officer (CISO) of Stena AB, spoke with SC's Grace Johannson about cyber-security threats and the Scandinavian shipping line Stena.
“There are so many different challenges and one of the hardest things for us is to try to find out which one we should prioritise,” Carling told SC Media UK, adding, “but in general I think that the biggest challenge we have is the fact that the security boundary is changing and has been changing for a while. Any modern company has their information stored both closely inside, behind the firewall, and outside the firewall, so that means that it is hard to be in control of where information is stored, and the larger the company, the harder it is.”
What about the new threat of real-world things such as ships and oil infrastructure being hacked by people who want to actually take control or disrupt rather than just steal information? Magnus responded, “I think that any company today should be worried about the fact that so many devices and infrastructure are connected to the internet.” And specifically in relation to Stena, Carling said, “but are we worried about our infrastructure being hacked? Of course we see that as a risk, we are very aware of what we connect and don't connect. Of course we see the changing world and how the explosion of Internet of Things has an impact on us as well.”
The interview had followed a discussion by NTT Security on threat intelligence, so he was asked how cyber-threat intelligence helps him to do his job. “The main objective for us and for our company would be to think ahead of the bad guys; it's like in basketball and in any sports, you want to be where the ball ends up rather than trying to chase it. So the only way we can be ahead is with good intelligence and understanding the threat levels against our company. I think that good cyber-threat intelligence in general should be shared and we can only give so much to fight off the bad guys.”
How does Scandinavia, and particularly Sweden, fare when it comes to addressing the global shortages of people with sufficient cyber-security knowledge and experience? Carling commented, “I wouldn't say that it's hard to find them, because there are a lot of talented people out there, but I would say that we don't have that as an objective to build up a big lab of cyber-security specialists. Generally speaking I think that it's hard to find talent and attract them to stay because many companies do a lot of everyday routine work when it comes to cyber security, which could get boring for cyber-security specialists.”
Given the growth of machine learning and artificial intelligence in the past few years, Carling was asked whether Stena is moving towards the use of machine learning and artificial intelligence and, if so, in what areas; and if not, whether there were any areas he could see it being used in the future. He declined to be specific but did say, “That's one of those areas where I think that we shouldn't discuss the ways or not because we don't want to expose our security strategies. I can answer in a very general way that of course machine learning is a part of any modern company as a way to fight off intruders, the way we do it is something I wouldn't want to go into, but it's part of the thinking and the strategy and the solution in the long run. Again, speaking in general, with the fact that we are close to maybe 50 billion IoT devices on the internet in a couple of years, there's no way that humans can fight cyber-attacks on that kind of attack surface, we need to have machines to do that as automatically as possible.”
Carling was asked what types of support for cyber-security private companies get from the government in Sweden, including from law enforcement and intelligence services. He responded, “Maybe not as much as we would like. I would say that this goes for authorities in general all over the world, whatever jurisdictions. The problem here is that cyber-space has no boundary, countries do, so I would say the thing we lack the most is an increased cooperation between countries. If there were one world police force then we could turn to one person to contact about internet related crimes but that's not going to happen, but that would be some type of utopian gold. But currently we are working with authorities, and they try to help us and we help them, so I think it can be done much more, all parties involved, other companies, us, the authorities, everyone would benefit from more exchange of intelligence.”
Given Sweden's proximity to Russia, and Russia's known intrusions into Swedish territory with its submarines, Carling was asked whether Stena has been affected by Russian hacking. Carling responded, “I wouldn't want to point out a single country, but I would say in general it is very, very hard to track origins when dealing with cyber-security because they are using services that are anonymising and their origin is often the darknet, so at one point it can look like they are coming from Africa, then at one point they can come from Asia and then it can look like they are in Sweden, and there is no straight line to say they come from one point or not. My gut feeling, and this is my personal view of how this works, is that nations are getting more and more active on the internet.”