In early April this year, parties belonging to ISIS blacked out broadcasts on eleven channels of French television station TV5Monde. The station went off the air for hours and found that hackers had breached and defaced the network’s social media accounts as well.
Subsequently, the word cyberterrorism appeared in numerous news headlines all over the world.
Industrial PRIME has been hearing of terms beginning with the prefix cyber- quite a lot recently. Since most of the terms carry a negative connotation, we felt it was time to find out more. Luckily, we knew the man who to talk to.
Meet Jarno Limnéll. Earlier this year, the professor became VP of Cyber Security and Business Development at Insta DefSec, a leading Finnish defence and security technology provider. Limnéll is going to ease our troubles and tell us everything we need to know about the concept of cyber.
PRIME meets Limnéll at Insta headquarters, located in Tampere. We begin the interview with a seemingly simple question: What exactly does cyber and, by extension, all the compound terms formed by using it refer to?
To our surprise, Limnéll does not consider this a simple question at all. On the contrary, he points out that a lot of people using the same terminology are in fact often talking about different things.
”This terminology is definitely in need of a wider popularization,” Limnéll says. ”We need to make this subject matter so simple that it is not unclear to anybody what we mean when we talk about cyber.”
Limnéll proceeds to make it simple for us by dividing reality into two realms. One is the physical environment, consisting of atoms and tangible objects: the desk between us, the suit he is wearing, the walls that surround us. The other is the man-made, artificial digital environment that he refers to as the cyber environment.
“When we talk about cybersecurity,” says Limnéll, “we mean all kinds of security related to this digital environment.”
Herein lies a global megatrend. The digital environment has become part of practically every aspect of life: society, business, even our personal lives.
“To a growing extent, the physical and digital realities are interconnected,” Limnéll points out. “We are becoming increasingly dependent upon the digital environment. It brings us so much, and the opportunities seem endless. Yet at the same time this dependency is making us vulnerable.”
Agreed. Try making a dictionary query by typing in “cyber”. You will be presented with terms such as cybercrime, cyberattack, cyberterrorism, or even cyberbullying.
Objective: Security (Or at Least a Decent Amount of It)
In a recent article, Limnéll wrote that within the next two years more crimes in Finland will take place in the digital environment than in the physical world.
“This is hardly surprising, as more and more things are moved from the physical environment into the digital one,” Limnéll says. “Think about your money, for instance. Or the government: more than 99% of the information concerning Finnish society is now in digital and no longer in physical form.”
“Meanwhile, negative phenomena such as crime, warfare, and terrorism have begun to flourish in the digital environment. Therefore, the importance of the digital environment and its security is growing at a fast pace.”
In order to define cybersecurity, Limnéll finds it necessary to also define security, another term over which people tend to have different understandings. He prefers a simple definition here as well.
“I see security as a combination of three factors,” says Limnéll. “First, the reality. Second, an individual’s subjective feelings as to how safe or threatening that reality is. Third, resilience. There is no perfect security, neither in the physical nor in the digital environment. Your resilience is defined by the extent to which you are capable of living with that.”
According to Limnéll, the main focus in cybersecurity does not lie in trying to stop all malicious traffic by means of firewalls and other security appliances: because there is no perfect security, something or someone will eventually get through.
It then becomes the question of how quickly you can identify the intruder and then eliminate it, or at least mitigate the problems caused by the breach.
“For instance, the United States has admitted that all of their crucial data networks have been breached by cyberattackers,” Limnéll reveals. “Breaches are inevitable, they cannot be prevented. What the U.S. wants to make sure is that the attackers will not gain access to their most important data, the kind of data that under any circumstances must not fall into the wrong hands.”
Undefined War Zone
It seems cybersecurity is already mainstream: drop the prefix and just say security, and many people will automatically make an association with cybersecurity as well. Limnéll agrees, but points out that these days the hype around cybersecurity has a tendency to become blown out of proportion.
“People talk about cyberwars and whatnot,” he says. “I don’t believe that a single war will ever take place solely in the digital environment. But then again, we will probably not see another war in which cyber elements are not present. This kind of hybrid warfare is definitely here to stay.”
For Limnéll, whose military rank is Captain, war is yet another interesting term with varying definitions.
“How should we define war?” he asks. “Do we have a war in our hands when a certain number of people have suffered a violent death? Or do we have a war when a certain governmental body has declared so? Or is war something else?”
“These days, what is becoming more and more common instead of warfare is acts that are just below the threshold of war and that will not result in large-scale use of violence.”
This brings us back to the United States. In 2014, U.S. intelligence officials deemed cyberattacks and cyberespionage the number one threat to the country. Limnéll finds this very interesting. After all, no one will die as a direct result of spying.
“Instead of human lives, the country loses information,” he points out. “Information is perhaps its most important economic capital, because losing information to foreign attackers damages its global competitiveness. That is why Americans take these things very seriously.”
Business of Know-How and Trust
Practically all solutions offered by Insta are related to the digital environment. Consequently, cybersecurity is present in everything Insta does as well. Security is the key in producing safe, reliable solutions for the customer. When asked what makes Insta so strong in cybersecurity, Limnéll emphasizes two crucial aspects.
“In cybersecurity, it is not the circumference of your biceps that counts, but what you have in here.”
Limnéll points towards his head. It is a fitting reminder, coming from a man with a physique as impressive as that of any genuine Hollywood action hero.
“It’s all about the know-how. When I started working for Insta, I instantly discovered that the company is brimming with skill and talent. I am confident that we can achieve great things working together.”
The other crucial aspect Limnéll emphasizes is trust. The Americans, for instance, are currently not buying any security solutions from the Chinese. Nor are the member nations of NATO too keen on Russian technology. Finland, on the other hand, is associated with high levels of both know-how and reliability.
“Insta offers a perfect combination of both,” Limnéll says. “That is why I believe the company has great potential to become an even bigger player in the market. And I am determined to help Insta grow into a remarkable cybersecurity company.”
Text and Image by Industrial PRIME
tel. +358 45136 3532