Many agencies, companies, organizations and individuals were caught off-guard by the recent rise in cyber crime.
Malicious software developers and hackers have been emboldened as malware and ransomware becomes more sophisticated. Unfortunately, it looks like things are going to get worse before they get better.
On Tuesday, lawmakers met in an open hearing to discuss the cyber threat landscape affecting both U.S. government activities and private businesses. Industry experts warned lawmakers Tuesday that hackers backed by the Chinese government appear to be targeting private U.S. companies and organizations. Samantha Ravich, an advisor to a D.C.-based think-tank, reported that there has been a resurgence of economic-related espionage by Chinese hackers and that the hackers have returned to “business as usual.”
Stealing trade secrets, intellectual property and confidential information are just some of the weapons Chinese cyber espionage operators have used against U.S. businesses. Damages resulting from these activities range from approximately $180 to $540 billion, according to British insurance company Lloyds.
Although the U.S. government has taken many steps to address cybersecurity concerns and protect assets like .gov and .mil sites, businesses are often left without funding or adequate tools to “detect, evaluate and address cyber-enabled economic threats,” Ravich told the Senate. The private sector is left to fend for itself — a situation she described as “untenable” considering the nature of the adversary: China.
In an effort to address and strengthen U.S. cybersecurity practices holistically, President Trump ordered NIST to create the Cybersecurity Framework. The Framework is the product of collaboration in the security industry and is designed to establish common standards for “everyone from InfoSec professionals to executives across industries,” which would strengthen the cybersecurity strategies of both the individual entities and the collective group. NIST’s framework would ensure that everyone is using the same language and definitions, enabling easier communication when sharing tactics, deployment and improvements to cybersecurity strategies.
Federal agencies and private sector companies will have to cooperate extensively in order to address the mounting concerns over U.S. cybersecurity practices. A symbiotic relationship between the two will have to be adopted so that our nation’s cyber defenses can be shored up and provide adequate protection. This will likely lead to a veritable cornucopia of opportunities for cybersecurity service providers and consultants, as their expertise will be an invaluable resource when implementing NIST’s cybersecurity measures.
THIS WEEK’S TOP NEWS STORIES