Cybersecurity Resilience: making sure that Government can prepare, mitigate, control and recover from cyberattacks (deliberate attacks where attackers are using digital technologies) or technology failures (accidental issues where outcomes are propagated using digital technologies).
Well, unless you were living under the rock somewhere for the last number of years, you know that some really serious people are using technology to fully or partially disable the operations of the Government. And as with any company or organization that is impacted by the cyber threats, every breach will cost you in the interrupted services, slow operations and finally, money. Cyber-crime will cost us over $2 trillion by 2019, according to Juniper Research.
Starting about 3 years ago (~2012) Microsoft started to see a big shift where nation states and even terror groups started to get involved in cyber-attacks against the private sector. The attacks from these actors are brazen and in include the highest levels of sophistication. Their motives are different from what were seen in the past and they seem to be increasingly focused on damage and disruption rather than just mass IP theft. We’re truly in a new area where the costs of getting breached aren’t as fuzzy as they used to be. They are easily quantified and they are balance sheet impacting. Kaja Ciglic, Cybersecurity Strategist, Microsoft
When we think about Resiliency, and we connect that with the Governments, we usually think about solving the issues in four distinctive areas:
- Conventional Cybercrimes: you know that stuff, people are using their resources (to be precise, not just their, and if they are very clever they don’t use their own resources at all) to target other computers for the criminal purpose. Now, they do different things, like fraud, theft of intellectual property, abuse or damage of protected information technology systems, and even damage of critical infrastructure. It actually started as a joke or something for fun, but lately behind those issues you can find whole corporations and recently, countries.
- Military, economic and political espionage: in a recent events, we saw basically nation-state activities in which one country infiltrate another one — no just looking for the any data or attempting to spy the government activities, we actually saw an attempts to steal sensitive military data that can be used to do some serious damage to the country (and given the nature of the data, that won’t be the only affected country). Economic espionage is an old one, but still present — stealing intellectual property that is owned by another companies or nations.
- Cyber Conflict or Cyber Warfare: this is something that quickly escalated in last few years. It became known via different names like asymmetric warfare or hybrid war — but it give an opportunity to basically anyone to engage with the specific nations on the national security level and use Internet to launch cleverly designed attacks that will involve the whole nation into the cyber conflict.
Cyber security quickly escalated as a topic of interest and became a “play of the day” for many nations and institutions. Focus on understanding how to survive in the world of cyber-threats became top priority for many government decision makers, and strangely they are first to admit that they need help from private sector on this one — it became very complex, very resource intensive and is changing with very high velocity.
There are two types of companies: those who have been hacked, and those who will be. Rober S. Mueller III, Former Director F.B.I. RSA Conference 2012
To deal with cyber security, Governments are looking for a structured, joint approach (“A New Vision of Cybersecurity”) that they can execute together with the private sector, and to define an environments that they protect but also enable for a specific functions.
In the next article, we will explore potential approach to the cyber security resiliency and how one should think about the model that will help them build their secure environments.