Private sector needs to help the U.S. respond to cyber threats

Aug. 7, 2018

A few keystrokes, thousands of miles away. Suddenly, the lights are out, communications systems are down and it’s unclear what happened or who is responsible.

This is the new world of digital destruction. Cyberattacks against our critical infrastructure—the energy grid, emergency services, telecommunications, the financial services sector, and more—have the potential for catastrophic effects disrupting our very way of life.

According to Kirstjen Nielsen, we are facing an urgent, evolving crisis in cyberspace. Our adversaries’ capabilities online are outpacing our stove-piped defenses.

In short, our digital lives are at risk. And we need bold action to fight back.

This threat continues to grow for a number of reasons.

First, our increasing digital interdependence means that your risk is now my risk and my risk is now your risk. A vulnerability that is exploited in one system can result in unpredictable, cascading and widespread consequences—jumping from a tech company one minute to a healthcare provider the next.

Just look to last year, when in a matter of days WannaCry ransomware spread to more than 150 countries, bringing hospitals, car manufacturers and transportation companies to a halt.

“Between government and the private sector, we have the data needed to disrupt, prevent and mitigate cyberattacks. But we aren’t sharing fast enough or collaborating deeply enough to keep cyberattacks from spreading or to prevent them in the first place.”

Second, our cyber rivals are getting more sophisticated.

Years ago, a cyber intrusion might look like a sloppy home break in. The window would be broken, furniture upended and jewelry missing from your bedroom. You knew you’d been hit.

But cybercriminals and nation-states are getting savvier. Now, the door appears to be locked and your house is just as you left it. But in reality, the intruder has already been inside for hours and is waiting for the right moment to strike, undetected.

It is getting harder to detect threat actors as they try to exploit every possible weakness to steal from and manipulate Americans and disrupt and even destroy our critical functions.

Third, we aren’t “connecting the dots” quickly enough.

Between government and the private sector, we have the data needed to disrupt, prevent and mitigate cyberattacks. But we aren’t sharing fast enough or collaborating deeply enough to keep cyberattacks from spreading or to prevent them in the first place.

So what is the Department of Homeland Security doing about it?

We are rethinking homeland security — changing our posture, setting course to confront systemic risk and embracing a new “collective defense” strategy.

Each of us is on the frontlines of the digital battlefield, so we must work together to protect ourselves. Any of us could be the weak link that not only allows adversaries to infect our systems but allows them to spread further into others.

The Department of Homeland Security cannot (and should not) protect every system, every network and every smartphone.

Commentary by Kirstjen Nielsen, U.S. Secretary of Homeland Security.

CNBC has the full article

Sponsored Recommendations

Enhancing Remote Radiology: How Zero Trust Access Revolutionizes Healthcare Connectivity

This content details how a cloud-enabled zero trust architecture ensures high performance, compliance, and scalability, overcoming the limitations of traditional VPN solutions...

Spotlight on Artificial Intelligence

Unlock the potential of AI in our latest series. Discover how AI is revolutionizing clinical decision support, improving workflow efficiency, and transforming medical documentation...

Beyond the VPN: Zero Trust Access for a Healthcare Hybrid Work Environment

This whitepaper explores how a cloud-enabled zero trust architecture ensures secure, least privileged access to applications, meeting regulatory requirements and enhancing user...

Enhancing Remote Radiology: How Zero Trust Access Revolutionizes Healthcare Connectivity

This content details how a cloud-enabled zero trust architecture ensures high performance, compliance, and scalability, overcoming the limitations of traditional VPN solutions...