Assessing the Cyber Threat to the Nation’s Water Supply
BOTTOM LINE UP FRONT — It’s a serious threat to the nation’s critical infrastructure that not enough people are talking about. That’s the view of […] More
OPINION — The world stands at an existential crossroads, torn between dueling visions for tomorrow. On the one hand, the United States, allies, and partners fundamentally agree on the rules and the norms of the international system. Choosing to build more security and resilience in this robust system is the only way to protect the interests of the free world. On the other hand, the authoritarian governments, such as Russia and the People’s Republic of China (PRC), are striving for a grim alternative. These governments are taking steps to bring about a “post-West” global order to further their regimes’ survival, territorial expansion, or quest for power and status.
U.S. adversaries are also vying to control the destiny of the 4th industrial revolution, which is merging the physical, digital, and biological worlds in ways that create both opportunities and risks. How authoritarian governments employ technologies like artificial intelligence (AI) and quantum computing could have profound long-term implications for U.S. national and economic security.
To advance their agendas, Russia, the PRC, and other adversaries are increasingly looking to wield cyber capabilities as instruments of power. Further, they are developing the technical means to harm the American economy through a range of malicious activities such as data theft and disruptive attacks, which fall under the umbrella of cyber-enabled economic warfare. Geopolitical tensions, meanwhile, are rising across the globe. Examples of this include the Russia-Ukraine war and the PRC’s stated desire for reunification with Taiwan.
Now more than ever, critical infrastructure owners and operators must proactively prepare for disruptive threats to digital systems and supply chains, including the potential for significant risks that cascade across sectors. Such threats may fall below the threshold of kinetic war but can still be consequential. No wonder most Americans are concerned about cyberattacks, particularly those targeting financial institutions and those emanating from the PRC and Russia.
9 in 10 Americans are concerned about cyberattacks on U.S. financial institutions | 7 in 10 Americans say the PRC and Russia are the biggest threat to U.S. cybersecurity | 6 in 10 Financial services firms are only in the early or intermediate stages of implementing the NIST Cybersecurity Framework |
Source: The Pearson Institute and The Associated Press-NORC Center for Public Affairs Research | Source: Cybersecurity Solutions for a Riskier World, ThoughtLab |
Key Steps to Take Now
Protect cloud deployments from today’s common problems and tomorrow’s challenges.
Fix misconfigurations, excessive privileges, a lack of visibility and compliance, and an overreliance on click-ops (manual activities) that can lead to widespread data spills and exposure of PII and financial data.
Use a threefold approach:
Looking for a way to get ahead of the week in cyber and tech? Sign up for the Cyber Initiatives Group Sunday newsletter to quickly get up to speed on the biggest cyber and tech headlines and be ready for the week ahead. Sign up today.
Implement steps to securing your data with Zero Trust
Moving to a zero trust architecture (ZTA) can be overwhelming. Organizations often need greater perspective to assess their current cybersecurity posture—and to determine where and when to modernize the infrastructure and capabilities within their current environment to best secure their critical data. Here is a four-step approach to identifying and deploying new cybersecurity solutions when moving to a ZTA:
Zero trust is not a security product for sale in the marketplace. It’s a journey propelled by a change in mindset that brings people, processes, and technologies together to deliver better cybersecurity outcomes.
Treat the anticipated cracking of public-key encryption by quantum computers as a current threat.
While most of quantum computing’s potential is more than a decade away, it is important to start investing in risk management now:
Identify critical assets that will be vulnerable to quantum attack and create a post-quantum cryptography (PQC) transition strategy sensitive to the risk that an adversary may capture inadequately encrypted information today for later decryption using a quantum computer (a “hold now, decrypt later” attack).
Develop comprehensive PQC testbed facilities to inform PQC algorithm selection in different use cases and anticipate network and infrastructure impacts, including latency and interoperability challenges.
Use the PQC migration as an opportunity to improve cryptographic agility. Develop network infrastructure and policies that enable rapid updates to cryptographic protocols in the event new quantum or conventional vulnerabilities are discovered.
By proactively anticipating and preparing for these future challenges, financial sector organizations can outpace emerging threats, build resiliency, and deliver continued reliability in support of national and economic security.
Sign up for the Cyber Initiatives Group Sunday newsletter to quickly get up to speed on the biggest cyber and tech headlines and be ready for the week ahead.
The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.
Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.
Have a perspective to share based on your experience in the national security field? Send it to [email protected] for publication consideration.
Read more expert-driven national security insights, perspective and analysis in The Cipher Brief
Related Articles
BOTTOM LINE UP FRONT — It’s a serious threat to the nation’s critical infrastructure that not enough people are talking about. That’s the view of […] More
SUBSCRIBER+ EXCLUSIVE REPORTING — Russia’s reaction to the new infusion of U.S. aid for Ukraine has ranged from shrugs to fury, from warnings of nuclear […] More
SUBSCRIBER+ EXCLUSIVE REPORTING — When Chinese President Xi Jinping came to San Francisco last November to meet with President Joe Biden, Chinese pro-democracy activists in […] More
SUBSCRIBER+EXCLUSIVE EXPERT PERSPECTIVE — More than two years after its withdrawal from Afghanistan, the U.S. still does not have a clear way forward in the […] More
SUBSCRIBER+ EXCLUSIVE REPORTING — Ukrainians greeted Saturday’s long-awaited House passage of $60.8 billion in aid with justifiable jubilation. For months, their soldiers, civilians, and political […] More
SUBSCRIBER+ EXCLUSIVE REPORTING — A race for control of space is underway, and just as on earth, the U.S. and China are the top competitors. […] More
Search