Challenges in cybersecurity: Lessons from biological defense systems

Defending against novel, repeated, or unpredictable attacks, while avoiding attacks on the ‘self’, are the central problems of both mammalian immune systems and computer systems. Both systems have been studied in great detail, but with little exchange of information across the different disciplines. Here, we present a conceptual framework for structured comparisons across the fields of biological immunity and cybersecurity, by framing the context of defense, considering different (combinations of) defensive strategies, and evaluating defensive performance. Throughout this paper, we pose open questions for further exploration. We hope to spark the interdisciplinary discovery of general principles of optimal defense, which can be understood and applied in biological immunity, cybersecurity, and other defensive realms. •We establish a framework for understanding the context in which attacks and defense occur, to determine which analogies are appropriate when seeking cross-disciplinary insight.•We provide a general classification of layers of defense, and we analyze a variety of influences on how these layers should be combined into holistic defensive strategies.•emphasize crucial practices for evaluating the performance of a defensive system to facilitate timely updates and avoid catastrophic attacks.•Throughout, we pose questions for future research which would represent major advances in the field of complex adaptive system defense, for cybersecurity systems and beyond.