The cybersecurity industry is rapidly changing and continues to be at the forefront of national security policy discussions. It is evident that there is an upward trend line of defensive measures, capabilities, and tactics used to stop the various risks that exist in the cyber space. Unfortunately, as many of us have seen in the news, attackers and threats are generally 1 or 2 steps ahead. It is the job of cybersecurity practices to understand and operate new defensive measures and threat-resistant capabilities coming into existence.
There are cybersecurity firms in the industry that retain capabilities others do not have in the operational and threat assessment space. Firms like Nisos Group, “maintain a deep understanding of threats and how attackers operate. Often, cyber security firms operate in a vacuum and do not understand real threat actors. Each of the individuals at Nisos has at least a decade of experience in cybersecurity, fighting state and non-state actors in cyber space including the targeting and analyzation of vulnerabilities from China and Russia,” says Justin Zeefe, Co-founder and Strategy Office at Nisos Group.
One of the defining factors in cybersecurity history has been the understanding and appreciation of differences between state and non-state actors. In recent years, these lines have been blurred and fused together to where it is now almost impossible to delineate between a government sponsored cyber-attack or a single hacker in a remote part of the world.
Attacks can be designed similarly and cause the same destruction on networks or systems. What is different about the cyberwarfare landscape versus any other battlefield is that you could be fighting a lone actor, an organized hacking group, a government employee working on behalf of a foreign intelligence agency, or a type of cyber mercenary who is a non-state actor, but is funded by a government organization to help separate themselves from the actions taking place. This is unique for the cyber landscape and requires different levels of attention depending on the attack. Keefe was sure to highlight that in these changing times, “85% of cyber criminals are affiliated with traditional organized crime and understand that there is less of a risk to crime syndicates to fund cyber-crime rather than traditional organized crime.”
Changes in Cybersecurity
Technology is changing so quickly that you can only really look at the development of cyber capabilities several years at a time. No one knows where technology will go and what direction it will take to get there. Looking into the future, experts believe that the trend may move towards insider threats rather than outside criminals. In this manner, the bad actors would be looking for people with valid access to the network they are targeting rather than trying to work from the outside in. The second possibility is that there is a market for hackers and criminals that could be paid to go into a network and plug a USB in to access the desired information. This is similar to a more traditional form of espionage.
As cyber threat actors continue to adapt to new defenses, it is imperative that security experts continue to try and stay ahead of ever-changing threat capabilities. To achieve this dominance in the space, cyber security professionals must understand the ground rules and what the hackers are trying to achieve. Most importantly, identify which actions pose the most danger to the network or system. For cyber issues, it is important that organizations address these issues on a rolling basis rather than quarterly or over a period of time. It is important to utilize penetration tests and receive appropriate suggestions on how to detect threats and attacks by analyzing what threats are identified.
Security vs. Privacy
Recently, proposals regarding security versus privacy have dominated conversations on the House floor and in the media. This has been a hot topic as encryption messaging programs have been commonly used by terrorists, including those in the San Bernardino attacks. Experts see it as ludicrous to think that you can legislate in such a way to get rid of encryption. The reality is that you can’t because it is already happening and there is no way to stop it. It is assured that as technology gains the ability to quickly decrypt code, new forms and ways of encryption will further challenge the process and the cycle will continue.
It is with these emerging capabilities that governments, corporations, small businesses, and individuals must remain aware and alert to these imposing risks we face every day by simply logging into our computers. As we continue to become more and more computerized, these risks will only grow exponentially into the future. It is with that understanding that it remain imperative to leaders that cyber continue to be a main subject in our political and national security discourse.