Main menu

Pages

Governments and businesses need to work together more to make America more cyber resilient

featured image

Cybercrime is now everywhere, so the question is not when an attack will strike against a business, individual or government, but whether victims will be resilient enough to deal with the consequences.

Recent events have only exacerbated cyber threats. Since Russia invaded Ukraine in February, the world has been vigilantly monitoring the security of global digital networks. To date, the most devastating Russian attacks centered on Ukrainian communications networks have had ripple effects only in Europe. But the war continues to escalate, and the threat of malicious Russian cyber activity to Ukraine, Europe, and the rest of the world remains high. As the US midterm elections approach, election security becomes a top priority and government officials are keenly aware of the threat posed by cyber actors, including Russia.

Even before recent events in Ukraine, malicious cyber activity was on the rise. The global COVID-19 pandemic has accelerated the shift of business, government, and personal activities to digital networks, expanding the potential attack surface and points of entry for cybercriminals. Ransomware poses a specific threat. 66% of organizations will have a ransomware attack in 2021. This is a 78% increase from 2020.

Strengthening cyber resilience and protection requires a multi-faceted strategy involving deeper levels of coordination and partnerships between governments and the private sector. As part of this joint effort, the federal government should increase cooperation and information sharing with other levels of domestic government and the private sector. Protecting and securing critical infrastructure is a top priority. Nearly 90% of it is run by the private sector. Companies document cyber incidents and threats, share that information with government partners, and proactively communicate in a timely manner with supply chains, customers, and other stakeholders to maintain reputation and We need to protect everyone.

Both the National Cyber ​​Director and the Cybersecurity and Infrastructure Security Agency (CISA) are integral to these efforts. Information sharing and analysis organizations, cyber information sharing and collaboration programs, and enhanced cybersecurity services programs are all important and need to be expanded.

Large organizations and government agencies often have the resources to devote to cybersecurity, but many small businesses do not. Protecting small and medium-sized organizations is imperative not only for those organizations, but also for protecting critical infrastructure his supply chains, including both large organizations and governments. There are currently gaps in access to federal resources for some small and medium-sized organizations that need to be filled.

Good “cyber hygiene” seems like a given, but the reality is quite different. We need better cybersecurity standards and a means to monitor compliance. Employee training should be frequent and content should be updated regularly to reflect changing conditions and threats. Working towards a Zero Trust architecture security model and implementing recommended software patches and updates is the normal course.

Building a stronger cybersecurity workforce and talent pipeline will be critical. The U.S. He added her 260,000 cybersecurity jobs in 2021, a 30% increase from hers, but demand for talent still outstrips supply. In May, there were 600,000 open cybersecurity jobs.

A factor in having an unrivaled cybersecurity workforce capable of meeting our national security demands is the creation of a Virtual National Academy for Cybersecurity. The Virtual Academy is based on partnerships with universities. increase. Similar to the U.S. Military Academy, cybersecurity cadets receive free college education in exchange for government services upon graduation. Graduates are placed in federal, state, or local government cybersecurity roles to meet their obligations.

A cyberattack occurs in the United States every 39 seconds, and these attacks continue to increase in severity and cost. Resilience to attacks is important. It’s time for both governments and businesses to ensure resilience.

Peter Altabef is the Chairman and Chief Executive Officer of Unisys.

Reece Kurtenbach is President, Chairman and Chief Executive Officer of Daktronics.

The author is a Trustee of the Economic Development Committee of the Conference Committee and Co-Chair of its Innovation Committee.