Workshops‎ > ‎cs-ga-2011‎ > ‎

Felix Juhl

Sandfire AG

Biography:

Felix Juhl, geboren 10.07.1968, is a senior expert on open source intelligence, lawful communication interception, cyber security, counter-espionage, and fighting organized crime. He is the founder and former organizer of the German Justice and Law Enforcement Roundtables and a professional member of many different national and international expert associations. Actually he is Senior Partner at Sandfire AG, a Swiss-based expert consultancy for public-private security issues.

Felix is a former member of the special Air Mission Wing of the German Ministry of Defense and the Special Forces of the German Bundeswehr. After he left the armed forces he worked as a Key Account Manager for EuroAvionics GmbH, a moving map navigation system manufacturer, before acting as the Managing Director of OpenSky Consulting Ltd (UK), at the time a leading consultancy in critical infrastructure and government consulting services. From 2001 to 2003 he was an independent subject matter expert on critical information and communication security and technology, lawful interception, and surveillance and reconnaissance. Between 2003 and 2006 he worked with Brightman Parsons GmbH, a provider of lawful interception, direct analysis, and search and retrieval technology.

At the end of 2006, Felix was Managing Director of German Gesellschaft für technische Sonderlösungen (GTS). Until 2009, the GTS had become a key partner for government agencies, law enforcement agencies and industry in many different countries. In 2007 Felix developed two important law enforcement software tools: COMMON, a passive visual community monitoring tool to find forbidden content in the deep web, and COMIX, an automated interception approval exchange interface for authentication of paperless warrants for use by justice departments, law enforcement agencies, and telecommunication providers. GTS has been awarded an innovation prize for COMMON in 2007.

From January 2010 to the end of 2010, Felix worked for the Center for Security Studies at the Swiss Federal Institute of Technology, Zurich. He was responsible for reorganizing the Center’s OSINT division and representing the Center as well as the International Security and Relations Network (ISN) vis-à-vis NATO and the EU in Brussels.


Abstract:
Securing Cyberspace: Building Blocks for a Public-Private Cooperation Agenda

Problem Statement

In the 21st century, access to the global commons – sea, air, space, and cyberspace – will be contested. The growing interrelationship between operations in each of the global commons puts a premium on cyber security as the key link. Cyber insecurity, however, is not only a technical problem. Rather, it is a strategic concern as cyber insecurity threatens to rip modern societies off the benefits of accessing the global commons.

The presentation starts from the assumption that public and private sectors both depend on viable cyber infrastructure components. Therefore they have a common interest in guaranteeing cyber security. Today, however, cooperation is hampered, among others, by a lack of agreed definitions of the key challenges. The presentation will propose several avenues to overcome this obstacle, thereby presenting a road map for closer public-private cyber security cooperation.

Procedure

Cyber Confusion: Making Sense of Different Concepts

Defining cyber-related issues and distinguishing between various cyber phenomena is crucial. Definitions provide a common language necessary for sound collaboration and meaningful discussion. Furthermore, definitions help determine the scope of the problem to be addressed and are necessary for clear communication about a subject. Today, however, cyber-related definitions are vague at best, which causes confusion. The proposed presentation will look at some of the key terms currently in use, such as cyber security, cyber crime, cyber terrorism, cyber war, and cyber deterrence.

Cyber Vulnerabilities and Challenges


So far security research has been focusing on formal policy models that protect information against unauthorized access by specifying which users should have access to data or objects. But today’s multilayered and asymmetrical cyber risks challenge the paradigm of “absolute security” and gives rise to a model built on axioms of insecurity: insecurity exists; insecurity cannot be overcome; and security can be circumvented. As a consequence, there is a need for a generic approach towards the different dimensions of cyber vulnerability. The presentation will put forward a holistic model to capture them.

A Public-Private Working Agenda to Advance Cyber Security


Nowadays, politicians and practitioners agree that cyber security requires close public- private interaction. The need for public-private security cooperation is not only limited to cyber security. Given economic globalization and the growing dependence of the state on private contractors and private infrastructure operators, national security and corporate security are becoming ever more intertwined. In reality, however, public-private security cooperation is hard to achieve because existing institutional boundaries, organizational cultures, and legal regulations most often work to the detriment of close relationships between ministries, agencies, and the corporate sector.

This is a serious challenge, because failure to fill the rhetoric of public-private partnerships with life will serve as a further disincentive to cooperate. Against this background the proposed presentation will conclude by
addressing six issues that could constitute a public-private working agenda to advance cyber security:

§ Reviewing Cyber Security Governance
§ Strengthening Collaborative Efforts to Create Cyber Domain Awareness
§ Addressing the Challenge of Attribution and Identity Management in Cyberspace
§ Advancing the Use of Predictive Analytics
§ Bolstering Trust in Cyber Hardware Components
§ Identifying Critical Cyber Infrastructure Components