In case the news of constant breaches isn’t enough to inform you that most companies are not prepared for cyberattacks, recently, the Department of Homeland Security in the U.S. confirms this is the case.
Homeland Security Secretary Kirstjen Nielsen said recently, “We are under siege from transnational criminals…faceless cyber thugs and hackers…and resurgent nation-state rivals.” She continued, “America is not prepared for this. Your average private citizen or company is no match against a nation-state such as China, Iran, North Korea, or Russia.”
The EU, after seeing over $10 billion in losses thanks to NotPetya alone – this malware encrypted computer data, rendering them useless, has a plan.
To prepare for major cross-border cyber-attacks, an EU Law Enforcement Emergency Response Protocol has been adopted by the Council of the European Union. The Protocol gives a central role to Europol’s European Cybercrime Centre (EC3) and is part of the EU Blueprint for Coordinated Response to Large-Scale Cross-Border Cybersecurity Incidents and Crises. It serves as a tool to support the EU law enforcement authorities in providing immediate response to major cross-border cyber-attacks through rapid assessment, the secure and timely sharing of critical information and effective coordination of the international aspects of their investigations.
The trouble is, hackers are proliferating and getting better by the microsecond. The US and EU governments are forming responses to attacks years after they occur.
Likewise with their new cybersecurity spending. It takes years to determine where this money will go, then deal with RFPs, responses and then implementation.
The bottom line is – government action is nice but likely won’t help 99.99% of companies.
Every organization needs to do more. See our detailed thoughts for more.