A major mind shift in cybersecurity is happening. As existential threats present public challenges that are much greater than any single company or organization can manage alone, the time is now to defend together … or get left behind. We need to adopt a Collective Defense approach to secure nations and digital economies.
3 cybersecurity challenges
Cybersecurity Awareness Month is the perfect time to call attention to these issues. In particular, there are three playing out right now that have critical impact on all of us:
- COVID-19 vaccine development
The pandemic has propelled the world into uncharted territory. Countries across six continents are racing to create a viable and safe vaccine to beat COVID-19. This race depends on the brightest minds in tech, data science, and medicine working together across disciplines and geographies. They need a secure, collaborative way to get from A (crisis) to B (containment) to protect the intellectual property that vaccine development depends on. That route is a secure network across the life sciences value chain. Cybersecurity strengthened by Collective Defense can protect that network.
Many leading pharmaceutical companies have vowed to make any prompt discoveries affordable and available to all. One world player is taking a winner-takes-all, all-of-nation approach, though: Russia. Recently cybersecurity agencies from the U.K., Canada, and the U.S. jointly attributed a campaign targeting pharmaceutical companies and academic institutions involved in COVID-19 vaccine development to APT29, a group widely believed to be executing Russian cyber attacks on behalf of Russia’s intelligence services. We must come together as a unified front to stand against these threats to get past the state we are in right now, especially given Russia’s long history of cyber threats.
The pandemic is a human crisis and an economic one. Since the early days of the outbreak, I have been a pro bono consultant to several states on how to manage the crisis. The state-by-state economic ebb and flow of lockdown/openness is our current reality. The only way out is a vaccine. Let’s work together across sectors, states, and nations to keep intellectual property secure to heal people and the global economy. For example, C5 Capital’s Cyber Alliance to Defend Our Healthcare, which brings together stakeholders in an IronNet IronDome for cyber defense, is leading the way in the U.K.
During Cybersecurity Awareness Month, and beyond, I ask, If we have a way to work together to increase our collective level of cybersecurity, why wouldn’t we use it?
- Election security
The U.S. election is just around the corner. Contrary to popular opinion, the biggest threat to the election is not potential hacking into voting systems. It is a lack of awareness of the extent to which nation-state adversaries push out social manipulation campaigns that are meant to create discord and a distrust of governing bodies among the American people. These tactics play out globally, too, as happened in the months leading up to Taiwan’s own presidential election this past January. Using bots to fuel fear, anger, and frustration, cyber adversaries amplify heated messages, influence and sway opinion, and wreak havoc to undermine the American body politic. All the while, they are using the opportunity to launch cyber attacks abroad while the U.S. is more or less distracted on the home front.
How do we fight back? It is each person’s civic duty to become a critical consumer of information. Debate and dialogue are hallmarks of every great democratic nation. We must protect the ability to engage together to advance solutions to current and systemic problems in this country. Think about and scrutinize your online communities, and push for constructive conversations in the face of manipulation campaigns that sway public opinion and gaslight our democracy.
The days of Walter Cronkite, when we knew the news source and trusted it, are long gone. And that’s the way it is. So let’s be critical thinkers on Twitter and everywhere.
- Securing critical infrastructure
By nature, I am an optimist. The first two challenges, however, are non-issues if we can’t keep the power on. Protecting critical infrastructure from cyber attacks is an ongoing issue. Let’s use Cybersecurity Awareness Month as a wakeup call for working together to secure it. Russia has no problem stirring the pot. For the first time two years ago, the U.S. publicly accused Russian cyber actors of disrupting the power grid. As we move toward smarter and more connected energy infrastructure, we must defend as a unified force.
Southern Company, the second largest energy provider in the U.S., is a model of this approach. In addition to rallying mutual aid to recover from severe storms, Southern has raised the standard for grid security. It has partnered with other companies to create a Collective Defense ecosystem for the energy sector. Across all sectors, we must stop defending in isolation. Otherwise, we will never win.
Cybersecurity Awareness Month: strengthening security for the global economy
These are just three cybersecurity challenges. There are many more. I call on everyone to make Cybersecurity Awareness Month a time to become more cyber aware and to take action, whether at home or at work, or as the companies and organizations upholding our nation’s economy.
A secure network is the foundation of a thriving global economy marked by trust, confidence, and prosperity. We must fight together, through Collective Defense, to protect it.
*** This is a Security Bloggers Network syndicated blog from IronNet Blog authored by General (Ret.) Keith Alexander. Read the original post at: https://www.ironnet.com/blog/cybersecurity-awareness-month