Stopping Cyber Madness: Why the Private Sector Must Lead the FightStopping Cyber Madness: Why the Private Sector Must Lead the Fight
The government's ability to help secure the Internet will be limited given the light speed of the Internet versus the slower pace of government. That's why stopping the madness begins with the private sector.
April 11, 2018
As long as adversaries can spend $1 on a campaign and force us to spend $10 to protect ourselves, enterprises will lose the war on cybercrime. In the Cold War, the US bled the Soviets dry through a military buildup and Reagan's Star Wars initiative. The Russians and others are now using a similar strategy to financially drain the US public and private sectors in cyberspace.
As the news cycle is inundated with alerts about attacks against our critical infrastructure, cities, and universities, the US Cyber Command has responded with a new "Command Vision." The document provides a sobering read. My attention was drawn to one quote in particular:
Adversaries continuously operate against us below the threshold of armed conflict. In this "new normal," our adversaries are extending their influence without resorting to physical aggression. They provoke and intimidate our citizens and enterprises without fear of legal or military consequences.
While Command Vision sets objectives for the military to regain ground, it is clear that the private sector is also in the crosshairs. State-sponsored and criminal organizations have realized there is little chance of real legal or financial consequences for the foreseeable future. Russia, Iran, and North Korea have found our Achilles' heel. Even worse, they've identified our cyber infrastructure as a vulnerability that is cheap to exploit and makes billions.
But what is the Achilles' heel of cybercriminals? It's that they're lazy. They use advanced persistent infrastructure and tend to reuse tactics, techniques, and procedures over and over again.
Rather than building taller silos of data that become even bigger targets for criminals, US public and private sectors must similarly seek to expand their reach with limited resources. By unifying around common means of intelligence exchange and collaboration, US companies can increase their visibility into events in real-time while keeping costs low. Without effective methods to exchange cyber intelligence, enterprises play victim to attackers' strengths, continuing to build and protect larger data troves with common, single points of failure. As Command Vision states, "We should not wait until an adversary is in our networks or on our systems to act with unified responses across agencies regardless of sector or geography." The same applies to the private sector.
Since 1998, when President Bill Clinton signed Presidential Decision Directive 63, we have been on a quest to fuse data and collaborate. In 2015, Congress enabled organizations to work with each other more easily through the passage of the Cybersecurity Act. In May 2017, President Donald Trump called out the importance of information sharing in his Executive Order on Strengthening the Cyber Security of the Federal Government and Critical Infrastructure. Only now, with the growing frequency and severity of attacks, is the government and the private sector beginning to understand the requirement of collaboration. The Department of Homeland Security has begun to make more detailed information available to the private sector through their Critical Information Sharing Collaboration Program (CISCP), and TruSTAR has seen our customers eagerly participate in these efforts. This is a start, but far more work is necessary.
Enterprises and sharing organizations like the Columbus Collaboratory, the Cloud Security Alliance, and CyberUSA are starting to connect through common collaboration platforms to enable parties to exchange data about suspicious events while retaining control over their data. Sector-based organizations are adopting such technology as well, including the IT and retail sectors. These platforms go beyond threat intelligence and fuse disparate data sets related to fraud and physical security events. Shared technology infrastructure enables companies to work from the inside out, streamlining workflows and creating collaborative bonds within an organization first and moving on to supply chain partners, peers, and entire sectors such as IT and retail.
Joshua Cooper Ramo, in his book The Seventh Sense, notes that government's ability to help secure the Internet will be limited given the light speed of the Internet versus the pace of government's ability to act. Stopping the madness begins with the private sector today.
Paul Kurtz will be headlining Dark Reading's Cybersecurity Crash Course, May 1, at Interop ITX. Check out the agenda here.
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
Passwords Are Passe: Next Gen Authentication Addresses Today's Threats
What Ransomware Groups Look for in Enterprise Victims
Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware
Everything You Need to Know About DNS Attacks
Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks