The US losing in a half-century-long cyberwar against the rest of the globe. There is currently no cybersecurity strategy good enough to win cyber warfare.

And no one – not even the President of the United States – could survive a successful attack on our nuclear power plants, dams, railroads, water supply system, etc. Avoiding these risks is not only wise but critical to our national security. Every day without a strategy that can win a cyberwar is another day we’re losing in this half-century-long cyberwar.

The SolarWinds cybersecurity conference was the wake-up call America needed to recognize that it’s time to act.

Cybersecurity On the Verge of a Revolution

As President Obama comes to office, and officials strive to determine where the cyber-espionage threat originated, they need to recognize that all vulnerabilities are created equal. And they all need to be fixed. Because no one – not even the US government or its allies – is safe from a cyberattack.

With 25% of Fortune 500 companies hacked, half of all U.S. critical infrastructures at serious risk, and 100+ countries penetrated by our adversaries and proxies, it’s apparent we are already in a cyberwar and we have lost our advantage.

In order to regain our advantage, we need to create a new cybersecurity strategy: one that protects the U.S. and its allies against all vulnerabilities – from the ground up, not just from the top down.

Cyberwar is here and it’s still winnable. But we need to start now.

UNDERSTANDING CYBER THREATS IN A NEW WAY

For the first time in history, those who are winning in a cyberwar are not necessarily powerful countries with large militaries or advanced technologies. Instead, they are groups of hackers who weaponize internet vulnerabilities for political gain – most often using a kind of malware known as “advanced persistent threats” (APT).

APTs are not your typical cyberthieves. Most of these groups – from China, Russia, Iran, and North Korea – are directly or indirectly supported by governments. They have the resources and skills to take advantage of large-scale errors in corporate IT security practices. Cyber espionage is a high priority for many nations, and there are hundreds of APTs around the globe.

In the Middle East, Iran already has advanced cyber capabilities and President Ahmadinejad’s Strategic Cyber Center of Excellence is just one example. These groups are not just providing services to their governments but are actively creating and using malware that can siphon off intellectual property (IP), launch cyberattacks, and gain access to critical infrastructures.

Cyber warfare is here now, and it’s only going to get worse. In many ways, this is a war of defense – a war we are losing. We must become more proactive in protecting our IT infrastructure and prevent cyberattacks from happening.

CYBERCOMMAND SECURES THE INTERNET FOR THE U.S. GOVERNMENT

Every day our adversaries are working to find new ways to attack our critical infrastructure. The U.S. government needs an assessment of current and future threats, and how we can protect ourselves from them. The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) is a critical part of this effort: a federal executive agency dedicated to securing the nation’s vital infrastructures – from the power grid, water, transportation, communications systems, and financial networks that make up much of the world’s economy.

CISA provides cyber threat analysis and technical assistance by utilizing the highly developed skills of its personnel who are experienced in all aspects of managing cyber incidents within U.S. government organizations. CISA has a mandate to provide the U.S. government and its allies with the ability to respond to cyber incidents in a prompt and effective manner.

But CISA doesn’t have the right tools or capability to address all of our security challenges. The agency is focused on providing cyber threat analysis – not physical or operational security on its own infrastructure. Our national government and our critical infrastructures need a team of operators who can deploy cyber ops, protect our critical IT systems, and establish new digital security standards throughout the public sector – across all 50 states, Washington D.C., Puerto Rico, Guam, U.S. Virgin Islands, and the District of Columbia.

These teams need to inspect government IT systems for vulnerabilities, identify the threats, evaluate impact, and then create the best solutions – delivered at a national scale. If they can prove that this approach works, we can deploy new policies to address threats from compromised accounts on government computer networks to prevent them from infiltrating our critical infrastructure.

It’s time for cybersecurity to end its reactive mindset. The U.S. must take control of its future and secure our digital borders before it’s too late – because cyber warfare is already here and it’s still winnable. And there’s only one way to win: by creating a Cyber Command Center that protects the U.S.

In conclusion, we have seen the threat and we are now taking action. We need to keep our adversaries at bay and win this cyberwar – not just for today, but for the next 50 years. We’re winning, but we aren’t fast enough or strong enough to prevail.

Our adversaries are gaining traction against us and their threats – from APTs to nation-state attacks, cyber warfare to cyber hacktivism – are a growing concern for world leaders. It’s time to unite on this critical front and enhance collaboration among nations that share the same goals of protecting it all. The door is wide open; all we need is a plan that can win cyber warfare – a plan both the U.S. government and our allies can rely on to secure the Internet for the next 50 years.

Interested in how cyber threats are affecting the world today? Ransomware – Wreaking Havoc Across the World discusses the threat ransomware poses and how it is affecting the world today.

Thanks for reading…Please feel free to give us a call at 864-991-5656.

cyber warfareIf you would like TSVMap to assist your business with assessing your essential systems and applying the TSVMap methodology to ERP SystemsMRP SystemsCyber SecurityIT StructureWeb ApplicationsBusiness Operations, and Automation, please contact us at 864-991-5656 or info@tsvmap.com.