We’ve mentioned the U.S. is falling behind its allies who are taking a more hawkish stance on cybersecurity and warning hostile actors. In January, France’s defense secretary Florence Parly declared: “Cyber war has begun.”
And she said the Euro nation’s military will use its “cyber arms as all other traditional weapons… to respond and attack,” as well as setting up a military bug bounty program.
Our feeling was, this stance puts the U.S. and the rest of the world for that matter, at a disadvantage when it comes to cybersecurity.
One might imagine – the U.S. with the strongest military in the world would make a similar statement.
We have good and bad news to share.
The U.S. has caught up to France and will now potentially consider a cyber-attack as an armed attack and respond militarily.
The bad news – depending on perspective, is The U.S. will go to war to defend Japan from a cyber-attack according to Mike Popeo, U.S. secretary of state.
One might imagine similar logic would apply to U.S. attacks of which there are millions each year. But we are not aware of such statements being made.
Challenges abound. Can you pinpoint the root of a cyberattack with 100% accuracy? What is the proper response to a financial attack? If people are injured or killed as a result of an attack – perhaps a manufacturing facility for example, what is the proper response?
There are lots of questions to ask and answer as we examine all the possibilities but in our view, it is better to lay them out now, before the worst happens and we are forced to react with overwhelming force.
At least, if this is done now, we can add more deterrence to the next would-be attacker.
Every Business must take actions to protect itself. The U.S. Department of Homeland Security explicitly tells us that we are NOT prepared for today’s attacks.
Organizations can choose to be low-hanging fruit, making it easy for hackers to focus on them or do things properly to fend off attackers.
Prevention is crucial. Every company must take these steps:
- Cybersecurity training must be done regularly.
- Auditing and documentation must be performed regularly to ensure systems are secure.
- Anomaly detection should be running constantly to detect threats as they emerge.
- Penetration testing shows if systems can easily be reached from the outside. Here is a case where this test might have saved two company’s’ reputations from being destroyed.
- Network forensics for when a breach eventually occurs. The bad guys always seem to get in eventually.
- An action plan to follow when a breach does occur. Once it happens, few will have the clear heads needed to “wing it” correctly. Equifax botched it’s response in what is being called a PR catastrophe.
- Use phishing simulation which tests employees by sending safe phishing emails. Employees who click are quickly trained on what to avoid.
Protect your organization – even if you have internal IT, hire an experienced MSP or MSSP.
If you do get infected, be sure to hire an MSP with forensic experience who can handle the problem and get you back and running as soon as possible.