What does rock climbing blindfolded up a 120m rock face in Utah’s Moab Desert have in common with Cyber Security, Cyber Terror and Cyber Crime?  I realised they had a lot in common after separately watching  Todd Sampson and Richard Buckland last Thursday night.  Both were equally entertaining presenters, one was on the ABC program Redesign My Brain Series 2 and the other was at an Australian Computer Society education seminar in Hobart.  Perhaps it was because I saw them both on the same night that I could see the connection.

redesignTodd Sampson as a regular on the ABC needs no introduction. On last week’s show he was redesigning his brain. He was teaching himself to think

ancientart and react differently so he could do things that he would never have considered doing.   He went through a series of brain training exercises with the ultimate aim of climbing Utah’s corkscrew blindfolded (the last “tricky” bit is shown in the picture). It was all about thinking differently and getting your brain to accept what it might not otherwise accept.

Thinking differently was also the essence of Richard Buckland’s presentation to a packed room at the Hobart headquarters of the Australian Computer Society (Tasmania).  Richard spoke enthusiastically about Cyber Security, the fact that human fallibility was the weakest link and the need for accepting that.  He gave several examples of how thinking differently helped to solve a number of problems.  He said the best way to deal with Cyber Security is to think like an attacker and not like a defender.  Hackers are now becoming more sophisticated, tools are becoming more readily available and easier to launch and attacks are becoming more damaging.

“It used to be the realm of teenage hackers, but is now dominated by corporate hacking, organised crime syndicates, and the military and intelligence e-communities.”

Thinking like a defender will always make you feel smug, secure and impenetrable but once you start to think like an attacker you quickly find the vulnerabilities.  Richard’s students at the University of New South Wales very successfully compete in the Cyber Defence University Challenge run each year by the Department of Prime Minister and Cabinet.  Actively solving problems and “simulating” attacks with negotiated rules of engagement being a key part of his teaching.

Richard provided many historical examples outside of computing where thinking differently helped solve problems. A sailor escaping from the burning SS Mont Blanc switched his mind from escaping to protecting and alerted the trains entering the Port of Halifax of an imminent explosion in 1917. The SS Mont Blanc, fully loaded with war time explosives, collided with a Norwegian ship. Twenty minutes later there was a cataclysmic explosion that killed 2,000 people and injured 9,000.  Through the sailors actions, the lives on the trains were saved and the trains were available to ship the injured to hospitals in other cities that were not destroyed.

A World War 2 statistician (Abraham Wald) came up with an idea for working out where bombers should be armoured to make them more difficult to shoot down.   He conducted a survey of returning bombers by asking the maintenance personal to show where they were damaged on a diagram.

bomber

This resulted in a single diagram of the damage locations for all returning bombers.  Richard showed us an example of this diagram and asked us to suggest where the additional armour should be placed.  Wald had the brilliant idea of adding armour on parts of the bombers that never showed any hits.  The diagrams showed that bombers could take hits in the areas marked and still return to base.  Presumably the bombers that did not return took hits in the unmarked areas and so additional armour was required in these locations.

Richard also highlighted that there was an acute and growing shortage of Cyber Security professionals in Australia (and world wide).  There are about 1000 in Australia and many are on 457 visas.  Richard’s solution is to work with industry and providing better ways of supporting professional development of existing skilled ICT human resources.

For those ICT professionals out there that want to redesign their brain without blind climbing a sheer cliff then perhaps they could take up cyber security under the direction of Richard Buckland.

Thank you to ACS Tasmania for organising this seminar and hosting it on the same night as Redesign my Brain 2.