We live in a world of digital convergence. Our banking accounts, credit cards, and financial daily activities are interconnected. Our interpersonal communications are more often than not via smartphones at social media apps. Our records, including personal medical histories, are all digitized and shared. We now conduct our daily lives in a world of algorithms.
Because of this expanding interconnectivity and digital commerce, there are security and privacy implications. We have also become increasingly vulnerable from hackers, phishers, and malware proliferating across all commercial verticals. Malware, viruses, and a nefarious trend of ransomware that impact our digital interface are becoming the norm.
In the past year alone hundreds of millions of private records from retail corporations, internet companies, and banks have been exposed. In government, most visibly as a result of the Office of Personnel management breach, millions of confidential records of employees were compromised. Recently, it was disclosed that 360 million records from MySpace were stolen in a breach.
There is a growing understanding of the seriousness and sophistication of the threats, especially denial of service attacks that can take entire ecosystem down. The list of adversarial actors is a large one that includes states, organized crime, terrorists, and loosely affiliated hackers. The recent cycle of major industry and governmental cyber breaches is emblematic of growing risk. The implications of the vulnerabilities can be severe. Former Department of Homeland Security (DHS) Secretary Hon. Tom Ridge noted that “a few lines of code can wreak more havoc than a bomb.”
Both government and the private sector have prioritized critical infrastructure as the primary focus of threat and response. Notably, 85% of the World Wide Web and most of the world’s critical infrastructure is owned and operated by private sector companies. Last year, DHS tracked more than 200,000 cyber incidents involving critical infrastructure in the United States. All critical infrastructure, including the electric grid, healthcare, transportation, communications, and financial networks are vulnerable and have been subject to cyber-attacks.
Digital convergence also requires a convergence in cybersecurity defenses and the development of next-gen cyber tools that include predictive security and analytics. Also, capabilities in information sharing, hardware, software, training and protocols must improve to be able to mitigate the multitude of potential hostile digital activities. Areas of identity risk management, including strong password protection, combined with biometrics authentication, require heightened attention and investment. And industry and government need to further discuss scenarios and establish working protocols and coordinated responses in regard to confronting the evolving threat matrix. Recent Congressional legislation has prodded the information sharing process along in 2016.
The digital convergence really has become a digital fusion. As all our devices and activities in our lives become more connected, cybersecurity will likely be the core digital factor that keeps us safe into the future.
About the Author:
Chuck Brooks serves as the Vice President for Government Relations and Marketing at Sutherland Government Solutions. He is also Chairman of CompTIA's New and Emerging Technologies Committee, Cybersecurity Market of the Year (Cybersecurity Excellence Awards), and on the advisory board of several companies and organizations. Brooks served at the Department of Homeland Security as the first director of legislative affairs for the Science and Technology Directorate. He also spent six years on Capitol Hill as a senior adviser to the late Sen. Arlen Specter (Pa.). He has an MA from the University of Chicago and a BA from DePauw University. Please follow him on Twitter @ChuckDBrooks and on LinkedIn.