包阅导读总结
1. 关键词:Cyber Public Health、Cybersecurity、Google、Internet Health、Vital Statistics
2. 总结:本文介绍了 Cyber Public Health(CPH)这一将公共卫生原则和科学应用于网络安全的新兴领域,强调其通过测量和报告降低网络风险的实践来管理互联网风险,谷歌支持这一领域并参与相关研究,首届 CPH 研讨会探讨了关键研究领域。
3. 主要内容:
– Cyber Public Health 简介
– 是将公共卫生原则用于网络安全的新兴领域
– 有助于系统识别和解决互联网的不健康、不安全问题
– CPH 的作用和测量方式
– 了解个体组织努力对整体网络公共健康的益处
– 可通过观察补丁对减少恶意软件传播等的累积效果来测量
– 需定义、测量和公开报告类似公共卫生中的健康数据
– 现有网络安全模型的问题
– 对个体威胁反应,数据分散、孤立、难获取
– 安全漏洞披露少,难以了解趋势和风险因素
– CPH 的转变和优势
– 数据驱动、促进利益相关者合作
– 构建更安全有弹性的数字生态
– 谷歌云支持,投资研究、开发工具、促进信息共享
– 首届 CPH 研讨会
– 与 CyberGreen Institute 合办
– 确定关键研究领域,如定义测量单位、数据源、标准化报告等
– 讨论数字日常生活活动概念
思维导图:
文章来源:cloud.google.com
作者:Bill Reid,Taylor Lehmann
发布时间:2024/7/19 0:00
语言:英文
总字数:794字
预计阅读时间:4分钟
评分:84分
标签:网络安全,公共卫生,互联网健康,创新方法,数据驱动洞察
以下为原文内容
本内容来源于用户推荐转载,旨在分享知识与观点,如有侵权请联系删除 联系邮箱 media@ilingban.com
At Google, we believe the approach to cloud infrastructure should be informed, in part, by understanding the relative “health” of the Internet. Defining and measuring these vital statistics can help proactively and systemically identify and address conditions that make the internet unhealthy, unsafe and insecure. Crucially, they can be used to help craft a holistic view of the internet that applies the principles and science of public health to cybersecurity — an emerging field known as Cyber Public Health (CPH).
We’re excited to announce our support for the practice of CPH, which can help us understand if our individual efforts organizations take to secure their systems are adding up to a greater overall cyber public health benefit. CPH is about managing the risks the internet faces, which can only be done by looking at the bigger picture. That means going beyond vulnerabilities and incidents, and into practices that work to keep internet-connected systems safe and secure.
For example, one way we can measure CPH is to look at the cumulative effect that patching vulnerable systems has on decreasing the spread of malware and improving global system uptime. To do these types of measurements, organizations need to define, measure, and publicly report the equivalent of common health data, or vital statistics, as is done in public health reporting today. With this larger data context, we can understand the overall health of the internet and use that information to employ practices that work in keeping systems safe.
Getting better comprehensive data
Traditional cybersecurity models often react to individual threats, leaving organizations vulnerable to new and evolving attacks. Existing data is often fragmented, siloed, and difficult to obtain, making it challenging to identify trends, patterns, and risk factors at a population level.
Given that many security compromises are not disclosed, little can be learned collectively about what created a particular vulnerability, how it was exploited, what provided a “cure,” and what can ensure prevention of similar vulnerabilities in the future.
As a community, we lack comprehensive data on the overall health of the internet. We believe that CPH can help us broaden our understanding of the internet’s health because it’s principally about measuring and reporting the practices that have been proven to reduce cyber-risk.
From reaction to prediction to protecting the internet
CPH offers a paradigm shift in cybersecurity. By using data-driven insights and fostering collaboration between stakeholders, CPH can help us build a more secure and resilient digital ecosystem. Google Cloud is committed to supporting this new approach by investing in research, developing innovative tools, and promoting information sharing across the cybersecurity community.
The CyberGreen Institute, a champion of CPH and an organization dedicated to measuring the health of the internet, recently co-hosted a workshop with Google Cloud. Rather than focusing reactively upon treating threats and responding to attacks, the CyberGreen Institute empowers people and organizations to take proactive measures to help them avoid and mitigate cybersecurity issues. “Such approaches are analogous to treating a case of malaria through medicine, while leaving the nearby mosquito swamp untouched or developing cancer treatment technology while paying little attention to the population’s tobacco use,” said Adam Shostack, lead author of the workshop report.
The inaugural Cyber Public Health workshop brought together experts from various fields to discuss the future of CPH. The workshop identified key areas for research, including:
-
Defining the fundamental units of measurement in CPH (including devices, accounts, and users).
-
Identifying reliable data sources and addressing privacy concerns.
-
Developing standardized incident reporting forms and metrics.
-
Investigating the cybersecurity impact of emerging technologies, including AI.
One area of discussion was the concept of Digital Activities of Daily Living (DADLs). Similar to the approach of measuring the impairment of human physical health by assessing the ability to complete daily, routine activities, DADLs extends that concept to digital lives.
“DADLs represent the critical digital tasks that individuals, organizations, and even nations must perform to maintain a healthy and secure cyber ecosystem. Just as ADLs are crucial for physical well-being, DADLs are essential for modern digital well-being,” Josiah Dykstra, director, Strategic Initiatives, Trail of Bits, wrote in a recent CyberGreen blog.
Google Cloud is actively involved in these research efforts, collaborating with leading organizations and researchers to advance the field of CPH.
What’s next
Cyber Public Health is a promising new approach that, together with ideas like those put forth by the public-private PCAST Cyber-Physical Resilience Strategy, has the potential to revolutionize cybersecurity. Google Cloud is proud to be a part of this movement, and we invite you to join us in building a healthier and more secure internet.
We encourage you to learn more about Cyber Public Health and the work of the CyberGreen Institute. The Workshop Report is here.
Together, we can create a safer digital world for everyone.
