Digital culture has been a tremendous success for the modern world, but it has not come without pitfalls. Cyber attacks are an everyday occurrence for millions of American businesses, both large and small, and no one person is immune; CBS News most recently highlighted a large-scale Chinese cyber attack on AT&T. What is concerning is how attacks on everyday businesses are part of a wider scale strategy of destabilisation, in geopolitics and, potentially, warfare. These little attacks may seem easily deterred on an individual level, but become greater than their sum of their parts. How the USA responds in the cybersecurity stakes is crucial.
Understanding risk
The current scale of cyber risk is huge. USA Today statistics on the volume and type of cyberattacks makes for stark reading; every 39 seconds, a new attack occurs, with many targeting smaller businesses. Larger scale attempts to compromise digital networks are rife, too, and disproportionately target larger states; California receives the most attacks every year, with many facing hospitals and critical data infrastructure. Whilst unnerving, this does present strategies and opportunities to cybersecurity professionals. Understanding risk is key. Alaska has the highest per capita rate of cyber attacks, but that is largely a function of its low population. Finding the risk and addressing it is key, and that seems, largely, to be in states with the highest amount of high tech infrastructure.
Embedding research
A risk and data driven approach is crucial to creating resilient and sustainable cybersecurity measures. This has been identified, by and large, by the federal government. A recent press release outlining the next surge in federal-led data security initiatives highlights a key area: research. As the nature of cyber threats become more diverse, and more linked to the more ‘classic’ threats posed by opportunistic financial crime, embedding research into the day-to-day development of cyber protocols is fundamental. This will ensure that new methods are based on intelligence, rather than only a rough sense of what it is that drives cyber attacks. With the ever changing of where attacks come from, this is an essential aspect of preparation.
Putting plan to action
There are signals that the USA is taking steps to improve their overall control of the digital infrastructure it relies on. Whereas attacks from within the country can be tracked and prosecuted, it is far more difficult – and geopolitically challenging – to look at those threats abroad. According to Security Intelligence, the current administration has taken steps to enhance and protect internet routing. This will effectively improve the firewall around the country, in a manner that China has mastered for decades. This can, and will, be an effective blocker against cybercrime – or at least make it easily identifiable, again, hedging risk.
Data; risk; awareness. Tying this together with research will prepare the USA for the new generation of cyber attacks. Current statistics aren’t promising; but there is obvious and concerted effort to improve preparation. In the meanwhile, small businesses in particular must do everything they can to build their own defences.
