Most Sectors Not Prepared for Cyber Attack, Yet the Chinese are Best at Cybersecurity?

The United Stats is perhaps the most-networked nation in the world. We use information technology networks to conduct business, bank, shop and even conduct warfare. One of the greatest assets of the U.S. infrastructure is the prevalence of IT networks. It allows us to access information rapidly and conduct essential transactions.

This absolute reliance on networks also serves as one of our nation’s greatest vulnerabilities. Previously, researchers demonstrated a power generator could be destroyed by hacking the system and causing an overload.

With the majority of critical infrastructure held by the private sector, the United States faces a series of unique challenges in defending domestic networks.

The New New Internet has learned McAfee, a computer security company, recently commissioned a study conducted by CSIS on the threats to critical infrastructure in cyberspace. The study, titled “In the Crossfire: Critical Infrastructure in the Age of Cyber War,” is the first of its kind to look at the problem globally.

The report contains a number of revealing findings regarding security throughout a variety of business sectors. There has been a marked increase in cyber attacks against companies and yet the global recession saw the slashing of funding at some IT departments.

Among the wide array of companies surveyed, 89 percent reported attacks involving malware, 60 percent reported theft-of-service attacks and over 70 percent reported a range of other attacks, including phishing and pharming. Around 30 percent of the companies surveyed also said that they had little faith in their banks and telecom providers’ ability to withstand attack. In the Middle East, 95 percent of respondents said that their sector was not prepared to handle Ghostnet-style attacks.

The report also highlighted some of the varied roles governments can and do play in cybersecurity. One aspect is partnering with the private sector.

Asha Mathew, senior council for the Senate Committee on Homeland Security and Governmental Affairs, said at the announcement of this report “without working in partnership with the private sector it would be very difficult for the federal government to achieve much of anything.”

The Department of Homeland Security has the lead role in handling partnerships with the private sector for critical infrastructure protection. Jenna Menna of DHS, said the department was “looking at ways to share that really meaningful information” with the private sector. Sue Armstrong, deputy assistant secretary for infrastructure protection at DHS, said “security is obviously a shared responsibility and I believe we need to push the public/private partnership.”

Nevertheless, only half of the respondents believe the laws in their country are adequate to respond to the threats in cyberspace.

In perhaps the strangest twist in the report, China received relatively high marks for ensuring companies are implementing cybersecurity protocols. China has uniquely close cooperation with officials, high levels of regulation and auditing, robust confidence in government and higher adoption of security measures. Chinese companies also report a lower level of cyber incidents than their counterparts in other major developing nations like Brazil and India.

In China, around 80 percent of respondents said the Chinese government had audited its security procedures. In another twist, the United States is viewed as a greater threat by the companies surveyed than China was (36 and 33 percent, respectively).

Dr. Phyllis Schneck, VP and director of threat intelligence for the Americas at McAfee, pointed to the importance of the report and what is at stake.

“The bad guys right now are better than we are and they are winning this war,” she said. “They don’t need meetings to do bad things.”

The report from McAfee can be accessed here

You may also be interested in...

GSA Eyes ‘On-Ramp’ Solicitation for OASIS Small Business IDIQ’s Six Subpools

The General Services Administration has announced plans to issue a solicitation as an on-ramp for the six subpools of the One Acquisition Solution for Integrated Services Small Business contract vehicle. GSA’s Federal Acquisition Service said in a presolicitation notice published Friday that it expects to award 30 contracts for subpool 1, 20 contracts for subpool 3 and eight each for subpools 2, 4, 5B and 6 of the OASIS SB indefinite-delivery/indefinite-quantity contract.

SSL to Design Methane Emission Detection Satellite; Richard White Quoted

Maxar TechnologiesSSL subsidiary has received a contract from Environmental Defense Fund to design and define requirements for a small satellite designed to detect and monitor methane emissions from oil and gas facilities worldwide. MethaneSAT is a small form-factor satellite that will work to provide high-resolution images to help detect and measure low- and high-emission sources in regions that constitute more than 80 percent of global production of oil and gas per week, Maxar said Thursday

Booz Allen’s Sarah St. Clair on Lessons Learned From HR Tech Upgrade Project

Sarah St. Clair, vice president responsible for human resource services at Booz Allen Hamilton, told Diginomica in an interview published Tuesday about the company’s experiences and efforts to address challenges associated with upgrading its HR technology system. St. Clair discussed Booz Allen’s move to execute the Workday project to manage recruitment operations and mentioned some of the actions the company made to mitigate negative impacts associated with project implementation.