[ad_1]
With cybercrime on the rise, the private sector needs to deepen its partnership with federal agencies to combat cyber predators. Public-private cooperation has already delivered important progress, but more is needed to ensure the safety and security of the digital economy, says Anant Adya of Infosys Cobalt.
Escalating Cyber Threat Landscape
Cyber threats and cyber-crime are on the rise, with predators utilizing new – and more aggressive – tactics. Countering those predators depends on a multi-pronged strategy, but there’s one that’s particularly important: businesses partnering with federal agencies. This partnership can open a new front in the battle against cyber predators – and help undermine their ability to profit from their pilfering.
Evidence of the growing cyber threat is everywhere, but here’s a chilling statistic from Microsoft: in the first quarter of 2023, it experienced a tenfold increase in attempted password-based attacks compared to the first quarter of 2022. The sheer volume of such attacks is staggering, rising from around 3 billion per month to over 30 billion. “This translates to an average of 4,000 password attacks per second targeting Microsoft cloud identities this year,” writes Microsoft in its 2023 Digital Defense Report.
There’s every reason to believe these trends will continue in 2024 and beyond, particularly with the spread of generative AI. While its potential is exciting, it can also be exploited for nefarious purposes – such as sophisticated phishing emails and deepfake videos. This is particularly worrying, given the widespread use of ChatGPT. It had 100 million users within a few months of its November 2022 launch – a number that Facebook hasn’t reached for more than four years.
Amid these challenging conditions, the Biden-Harris administration released its cybersecurity strategy earlier this year. Among the strategy’s many dimensions, it helpfully recognizes industry’s critical role in cyber defense, pointing to the private sector’s “growing visibility into adversary activity,” which is “often broader and more detailed than that of the Federal Government.” The strategy calls for “more routine collaboration” between private sector entities and federal agencies with the means and authority to act.
See More: How To Navigate the Cyber Threat Landscape
Importance of Private-public Cooperation
The importance of such collaboration is echoed in other quarters. As the World Economic Forum has noted recently, “the only way we are going to address cybersecurity threats is through active partnerships between the private and public sectors.”
Underscoring the importance of private-public cooperation is that cyber thieves cooperate to increase their effectiveness. Accenture has reported on “relationships forming among ‘secure syndicates’ that closely collaborate and use the same tools — suggesting a major change in how threat actors work together in the underground economy. With syndicates working together, the lines are even more blurred between threat actor groups, making attribution more difficult.”
Events over the past few years also demonstrate the value of private-public cooperation and partnership. One of the most damaging examples of malware, Emotet, became “the go-to solution for cybercriminals” after being discovered in 2014, said Europol, noting that its infrastructure “essentially acted as a primary door opened for computer systems on a global scale.” But in January 2021, Emotet was taken down, thanks to coordinated action involving federal agencies in the United States (and other countries) along with private sector actors.
Another example of public-private cooperation leading to a positive outcome came in 2021. Vulnerabilities had been identified in Apache’s Log4j – a security tool used in consumer and enterprise products, websites, and other applications. An adversary could cause a vulnerable system to generate code that, in the words of the U.S. government, “allows the adversary to take full control over the system. The adversary can then steal information, launch ransomware, or conduct other malicious activity.”
However, public and private cooperation (as part of the Joint Cyber Defense Collaborative) facilitated the sharing of information and insights – making it possible to address those vulnerabilities quickly and minimize the massive threat posed by Log4j.
Partnering with federal agencies enables the federal security infrastructure to develop a more comprehensive understanding of the cyber landscape. Early vulnerabilities can be identified and addressed to benefit the targeted companies and others facing the same threats.
See More: Joining Forces: A Public-Private Sector Collab
Business Consequences of Cyber Threats
Government agencies, often working with their counterparts worldwide, are also uniquely empowered to combat cyber threats and achieve redress – sometimes being able to seize funds obtained by cyber thieves and return it to the victims – or even prevent ransoms from having to be paid.
Earlier this year, the United States Justice Department announced it waged a months-long disruption campaign against a ransomware group called Hive. That campaign captured decryption keys, more than 300 of which were provided to victims, nullifying the need to make ransom payments totaling $130 million. The Justice Department also announced that by working with other government agencies in Germany and the Netherlands, it had seized control of Hive’s servers and websites, severely handicapping the entity’s predatory tactics.
Representatives from one of the targeted sectors – hospitals – reported later that the campaign against Hive got a boost from “the robust exchange of cyber threat information with the private sector.”
As these examples show, public-private cooperation enhances the ability to address vulnerabilities throughout the cyber environment and combat cyber thieves. That’s a big benefit of such cooperation – but it’s not the only benefit.
Reducing cyber threats contributes to a more stable and predictable company operating environment. At a time when virtually all businesses have an online presence, robust cybersecurity is on par with reliable access to electricity as a non-negotiable element of doing business.
There are also collateral benefits associated with a safe and secure cyber environment. Such environments contribute to dynamism across the private sector, sparking growth among incumbents and supporting a start-up culture. The following competitive ferment catalyzes companies to be high performers – always searching for innovations that give them an edge over their rivals.
But when a hostile cyber landscape exists, companies are forced to focus more energy on protecting their assets – a recipe for long-term stasis and decline. And for companies victimized by cyber predators, the damage isn’t limited to immediate losses. A McKinsey survey of companies has revealed that 10 percent of the companies surveyed said that they had terminated a business relationship with a supplier over the previous year because of a data breach at that supplier.
Securing the Digital Economy’s Future
Looking ahead, the digital economy presents virtually unlimited economic opportunity – contributing to higher living standards worldwide. However, realizing the full potential of the digital economy is closely tied to the state of cybersecurity.
Cyber predators pose an existential threat to the health and vitality of the digital economy – which means they threaten the entire economy. Even greater cooperation by the private and public sectors is fundamental to addressing that threat. That cooperation can lay the foundation for a more secure business environment that contributes to more economic opportunity – and higher living standards – in the United States and worldwide.
How can private-public collaboration enhance your business’s cybersecurity? Let us know on Facebook, X, and LinkedIn. We’d love to hear from you!
Image Source: Shutterstock
MORE ON CYBERSECURITY STRATEGY
[ad_2]
Source link