Get started on your cybersecurity degree at American Military University. |
By Susan Hoffman
Contributor, InCyberDefense
Although an increasing number of organizations are aware of the need for stricter cybersecurity measures, a considerable amount of work remains to make U.S. cyber defense as strong as it can be from cyber enemies. Some companies still maintain a “head in the sand” mentality, thinking that a cyber breach is unlikely to happen to them.
However, no organization – no matter how small or how large it is – can afford to be without good cybersecurity. The costs of a cyber breach are too high to ignore, especially by small businesses. For example, Gary Miller of The Denver Post notes:
- 60% of small companies are unable to sustain their businesses beyond six months after a cyber attack. (U.S. National Cyber Security Alliance)
- The average price for small businesses to clean up after a hack stands at $690,000. (Ponemon Institute)
- Middle market companies spend over $1 million after a hack. (Ponemon Institute)
Similarly, Steve Morgan of Cyber Security Officer predicts that cyber crime damage costs will hit $6 trillion annually by 2021.
Where Are the Main Cyber Threats Originating?
According to Ian Bremmer, the founder and president of political risk company Eurasia Group, four countries have high cyber intelligence capabilities:
- Russia
- China
- North Korea
- Iran
Bremmer notes, “America’s greatest vulnerability is its continued inability to acknowledge the extent of its adversaries’ capabilities when it comes to cyber threats….WannaCry, from North Korea – no one in the U.S. cybersecurity services believed that the North Koreas could actually do that.”
Other cyber threats include random hackers, terrorist groups and criminal groups who attack computer systems for entertainment, power or profit. With attacks coming from different directions and individuals, it isn’t easy for cyber defenders to keep up with all of the threats from cyber enemies.
Also, there are insider threats. Ex-employees who want revenge or profit may steal crucial customer data, a situation that recently happened to SunTrust Bank.
What Else Should Be Done to Protect US Cybersecurity from Our Cyber Enemies?
In a 2013 Politico article, security experts Tom Ridge, the first Homeland Security Secretary, and Howard Schmidt, chief cybersecurity adviser to presidents George W. Bush and Barack Obama, wrote: “We have made progress, and many people have made well-intentioned efforts to push back against cyberthreats that are deepening in sophistication. But that progress is simply not keeping pace with the speed of incoming attacks.”
The Department of Homeland Security (DHS), however, has definitely taken steps to strengthen U.S. cybersecurity. DHS conducts a biennial exercise called Cyber Storm, designed to improve cyber preparedness in public and private sectors.
In other organizations, cybersecurity measures need to be strictly enforced and critical information needs to be identified and protected. Although it is difficult to guard everything and everywhere 24/7, companies can make it much harder at least for data to be stolen or for infections to go undetected.
Comments are closed.