Do cyberattacks need to cause a plane to go down before
cybersecurity gets the attention it demands?
I often wonder. It seems a disastrous cyber-induced consequence
is the only way cybersecurity will become a priority. And unfortunately, a plane
crash is well within the realm of reality.
With the recent ATM cyber heist and Wall Street marketcrash caused by the AP Twitter account hack, we may see a twinkle of
understanding of the escalating risks that cyberattacks pose to American
industry.
Why?
The ATM cyber heists are particularly notable. They didn’t
stop at their usual damage of defacing a website or disrupting an ATM for a few
minutes. These cyber attackers hacked into high-level internal banking computer
systems. They targeted, stole and modified customer data as they desired. Meanwhile,
banks went about business as usual, oblivious to the secret hands hacking their
vaults.
In light of the ATM cyber heist and Twitter-induced
market crash, can you imagine the dangerous scenarios looming in our future? Key
customer information was removed and used at will. Criminal or nation-state
cyberattackers were able to perform banking functions remotely from a foreign
country. False news was hacked into social media streams to influence business
and consumer behavior.
This is not a guess. This is real. And this is now.
We’re way beyond 1984
here. The dangers in our future are flashing warning lights, and they’re
getting closer.
America’s Cyber Safety Net (as described in “7 Trends Which Will Drive the Future of
Cyberwarfare 2013-2015,” my current report available in the sidebar) is
running out of time. Private enterprise can’t afford to wait for government agencies
to one day take action toward cyber defenses. No, American industry must take the lead in developing its own cyber
defenses.
There are two recent examples that show industry initiative
is superior to government action: First, the IRS’ misuse of personal tax
information as a political tool. Second, the Justice Department’s unprecedented
intrusion into AP reporters’ phone records without notice.
In light of these revelations, it could easily be argued
that big government does not provide a
trustworthy, responsible solution to American industry’s pressing cyber
information and cybersecurity needs.
Critical U.S. industries (finance, utilities, communications,
and transportation) must form cyber defense groups to deal with cyber threats facing
their own industries.
The alternative? Wait for the government to muddle its
way forward.
Which option do you prefer?
("Chain With A Broken Link" image: David Castillo Dominici/FreeDigitalPhotos.net)
No comments:
Post a Comment