United Cyber Defense: Let’s Make this a Global Benchmark
We have been slow in response to both the global pandemic and to looming cyberthreats. We need a Global Unified Cyber Defense platform.
To be honest, we weren’t ready for a pandemic in the United States. We better be ready for a major cyberattack now — it’s not too late to prepare for these attacks.
If we don’t fully realize by now how serious the cybersecurity risks are, we should take note of this: in 2019, the World Economic Forum ranked cyberattacks as actually more likely and potentially more impactful than the spread of infectious diseases like Covid-19.
We are now in the midst of the response to the worldwide spread of infectious disease, learning the impact of what we have done wrong and what we have done right in response to this pandemic. In particular, the response to date can yield useful suggestions for dealing with cyberattacks, because there are many parallels. One of the most sweeping conclusions to take from this assessment is the necessity, in both cases, for a more unified response.
Health experts are telling us that in a crisis like the Covid-19 pandemic, there are at least three areas where we desperately need an informed and unified approach:
- assessment of the threat,
- operational efficiency in dealing with the problem in the moment,
- clear and unambiguous messaging about what individuals should be doing.
The parallels with cyber threats are striking. Here, too, we need a unified approach to sharing intelligence about the threats, a unified approach to preventive and remediational responses to them, and consistent messaging to educate users and employees about secure practices.
Today, this kind of unified approach is sadly lacking in the responses to both the global pandemic and to looming cyberthreats. What we need is a Global Unified Cyber Defense platform.
Responses to the Covid-19 crisis are quite literally all over the map. Different countries are trying different strategies; they are acting slower or faster and tactics vary. And the same is true across the 50 states in the United States. The Federal government and the states have found themselves in bidding wars for vital supplies, and despite a clearly articulated plan from the medical establishment for flattening the curve, state governments are mostly following their own counsel. However, some states (notably Washington, Oregon and California, and a number in the Northeast) have said they will coordinate on re-opening their economies.
A lesson that surely needs to be drawn from the Covid-19 crisis is that we need to be better prepared at a national and global level for a global pandemic. We need a unified cyber defense approach because the virus doesn’t respect national or state boundaries.
Likewise, cyberattacks don’t restrict themselves to one company. What attackers learn in attacking one company they can use against others.
Earlier this year, two veterans of the FBI’s Cyber Division indicted the US government’s approach to cybersecurity. They didn’t fault the government for lack of effort. The FBI, Secret Service, NSA, Defense Department, and Homeland Security all have a role in the investigation and response to cyber threats, from attacks on our elections to hacks into the data stores of our largest companies.
The criticism was of the lack of central organization, of a unified approach.
“Who’s responsible for protecting the 2020 presidential elections against cyberattacks?” they asked.
“Nobody really knows.”
The good news is that there are people working to develop an approach that can be shared across nation-states. Israel, a frequent innovator in cybersecurity, has unified all of its cyber assessment and response under one government agency. Its model can be exported. And a United Nations-backed alliance called the International Multilateral Partnership Against Cyber Threats (IMPACT) is helping deliver a consistent and effective global strategy.
But the private sector needs its own unified approach to cybersecurity. This means two things.
#1 Within a company, a unified approach would involve a central authority responsible for all aspects of security, cyber and physical, implementing one consistent and comprehensive program for assessment, response and education. Not every company can fully implement such a program now, but this kind of coherent approach should be a goal.
#2 Working in a unified fashion also means that companies must work in concert with one another to fight cyberthreats. Specifically, they need to share information about attacks.
As experts have noted, we need a global standard for reporting cyberattacks. A novel attack on one company will be repeated against others. Sharing knowledge of attacks can help guard against loss and provide the kind of data that can make more sophisticated protective tools and strategies possible.
The challenge is that companies would prefer not to share that kind of information, for a variety of reasons. However, a system that protects anonymity yet collects data that could be aggregated and analyzed would be a powerful tool for fighting black hats.
- Sharing attack information.
- Sharing successful strategies.
- Sharing security tools and best practices.
These are some of the elements of the unified approach to cybersecurity that we need to stay ahead of the bad guys.
(To share your thoughts with us, please write to firstname.lastname@example.org)