82. WannaCry signals a convergence between Cybersecurity and Geospatial

82. Geobreadbox WannaCry Cybersecurity Geospatial HEader.jpg

The WannaCry ransomware attack has, perhaps more than any other event, raised global awareness of the importance of cybersecurity. It has also, due to the global nature of the attack, signalled the moment when the cybersecurity and geospatial industries begin to converge.

82. Geobreadbox WannaCry Cybersecurity Geospatial Screen.jpg

In case you are not aware of the recent cyber-crisis, on Friday, 12 May 2017 some 230,00 Microsoft users from over 200 countries received a sinister message on their screens. Ransomware software called WannaCry informed users (including notable ones like the UK's National Health Service and Spain's Telefónica) that all of their files had been encrypted, and warned that within days they would be permanently deleted. That was of course unless a sizeable ransom was paid to the instigators using the untraceable Bitcoin currency.

The reason why the WannaCry is of critical importance to the geospatial industry and why the cybersecurity sector can no longer 'go it alone' is because attacks like this one have the potential to compromise critical infrastructure - infrastructure which is managed using geospatial information, systems and knowhow. Disrupting normal services in the health sector, or network coverage in the communication sector is one thing. Undermining the security of utilities and transportation networks is another thing, and one which carries potentially fatal consequences.

Maps are about Leadership

The WannaCry incident was a strategic, coordinated attack on the systems which underpin the developed world. Although it received significant attention, this attack on the virtual world was not treated in the same regard as an attack on the physical world would be. In order to change this, the cybersecurity industry should perhaps reconsider the importance of maps.

82. Geobreadbox WannaCry Cybersecurity Geospatial Hats leaders.jpg

Since the dawn of civilization, wars have been fought over maps. For both offensive and defensive purposes, the military's main focus is on gathering and organising as much 'intel' as possible in order to support strategic decision-making. Maps are used to help pre-empt and prepare for attack, to outmaneuver the enemy, and if necessary, to react accordingly. When under attack, true leaders understand the value of a map and use it to secure man-made and natural resources. Following last week's attack, the cyber industry should perhaps do likewise.

Spatial Thinking and the Timeless Craft of Mapping

82. Geobreadbox WannaCry Cybersecurity Geospatial Cartography Studio.jpg

If the cybersecurity industry is to harness true value from geospatial, then it needs to understand that 21st century maps are power and complex analytical tools and not just mere engaging visualisations. Mapping is about communicating information in the simplest possible manner in order to support decision making. In order to do so the geospatial professional needs to be skilled in information management and visualisation techniques such as symbology, filtering and annotation as well as in spatial processing techniques such as buffering, clipping, and fusing layers of complex information.

A New Dialogue for 2017

If it sounds as if things are not progressing, then the following should cheer you up. Perhaps due to the growing understanding of the value of locational information, and a recognition of the need to protect it, it appears as if a much-needed convergence between the $120 billion cybersecurity and the upwards of $270 billion geospatial industries has already begun.

Today, cybersecurity stakeholders are being encouraged to reconceptualise the cyber-world of network connections, nodes, and traffic patterns in a manner which is compatible with geospatial technology and information formats. As an example, Esri has coined the term 'cyber supply line' to describe the network infrastructure in the cyber world. In one article, an expert in this field explains how the company has identified five distinct and 'mappable' cybersecurity layers. These include: the Social Layer; i.e. (attackers and the targets); the Device Layer; the Logical network layer, the Physical Network Layer; and of course the Geographic Layer which provides contextual information.


What Next?

Cyber attacks like as WannaCry will force both legacy-based and modernized organisations to adopt a risk-based geospatial approach to protecting their physical and virtual assets. It require will both geospatial and cybersecurity stakeholders to adopt consistent and understandable terminology, to established agreed upon processes, and to standardize information formats. Considering the rapid pace of digitization of information, the growing interest in Smart City and IoT sectors, and the expected quadrupling cost of global cyber data breaches to $2.1 trillion by 2019 from to 2015 levels, it seems as if true change can not happen fast enough.


Although WannaCry was a terrible incident, perhaps the best thing that can come out of it is that the cybersecurity industry will begin to recognise the power and potential of geospatial technology and information. As leaders throughout time have learned, without maps, you may possibly win some battles, but you are sure to lose the war.