Ethan Caldwell, current Chief Development Officer of MixMode, Inc., has spent 20 years in the C-Suite of US public companies.
This article was written by Ethan Caldwell - Forbes Councils Member
Forbes - November 14, 2022, 07:00am EDT
There is a dark and frightening secret that a majority of U.S. government and business leaders are ignoring, concealing and ultimately failing to address. Today, every U.S. company and government agency is incapable of deterring sophisticated cyber-attacks from cyber threat actors. Employees, shareholders and constituents have little to no idea about the magnitude of the risks that are being kept from them. It is time for U.S. government and business leaders to stop passing the buck and tell the truth about what our nation’s most senior government cybersecurity expert, Jen Easterly, has warned is the “defining threat of our time.” The Problem Cyber threat actors are engaged in a daily war against the U.S. that takes place largely unknown to the public. The Office of the Director of National Intelligence reported this year that cyber threat actors are utilizing sophisticated technologies to “advance their exploitation of the U.S. economy.” Targets of threat actors are frequently state and local government agencies, including emergency services such as hospitals, 911 call centers, police departments and airports. But the targets also include virtually every business in the U.S. In fact, the cyber threat actor activity is so pervasive in the U.S. that CrowdStrike’s head of intelligence recently described it as “endemic—at this point they’re everywhere." Cyber security professionals are well aware that everyday cyber threat actors probe thousands of U.S. businesses as well as U.S. federal, state and local agencies. The bulk of their activity is intelligence gathering about vulnerabilities to exploit. This intelligence, in turn, provides them with future attack vectors. Traditionally, cyber threat actors have followed a relatively consistent pattern: cyber threat actor probes to find vulnerabilities, gains access, steals data and then demands ransom payments. Increasingly, however, cyber threat actors have been showcasing their capabilities to completely shut down or significantly disrupt the business and operations of their targets. These disruptive cyber capabilities, coupled with their growing system vulnerability intelligence, mean cyber threat actors are now capable of launching a widespread, coordinated cyber-attack against the U.S. Put in non-cybersecurity terms, this means the U.S.’s greatest adversaries have immediate capabilities to attack our gas, energy and power, companies, banks and financial markets, 911, police and emergency services, schools, airports, phones and internet providers. Any wide-scale cyber-attack against U.S. public and private sectors designed to shut down or significantly disrupt systems would be devastating. How did we get here? The root of the problem contributing to this precarious situation is twofold.
First, we have a significant technology systems problem. Rapid advances in AI have rendered what five years ago were leading threat-detection technologies incapable today of providing accurate real-time visibility into cyber threat actors. AI-powered technologies enable cyber threat actors to effectively subvert traditional signature-based detection tools currently relied upon by the vast majority of cybersecurity threat detection tools. Even if a U.S. business or government agency is able to detect the threat actors, too frequently, the geo-blocking mechanisms relied upon to block the cyber threat actors prove ineffective. Virtual Private Networks and proxy servers enable threat actors to circumvent firewall technologies, frequently unknown to cybersecurity teams relying upon these firewall technologies to block identified cyber threats.
Second, we have a people problem. The U.S. lacks enough skilled cybersecurity professionals. Filling the skilled worker gap is taking too much time. Our adversaries have provided state funding to create armies of highly skilled cyber threat actors. While the U.S. private and public sectors play catch-up, our adversaries continue their daily wins against our stretched, ill-equipped cyber defense teams.
Moving Toward Effective Solutions The only way to win the cyber war is through a concerted private- and public-sector effort. Cyberdefense must become a regular agenda item in company executive management, board as well as government leadership meetings. Information about all cyber-threat activities taking place across each organization should be shared and understood. Those results for many leaders will be both sobering and frightening. Understanding the magnitude of the cyber threat risk, leaders will then be forced to shift their focus to available resources and technology solutions that will materially improve cyber security defenses.
Emerging technology solutions are now available with proven capabilities to detect sophisticated cyber threat actors. Most cybersecurity defenses are reliant upon software to detect cyber threats that have been trained on volumes of historical network data. This data has been normalized for search and investigation, surfacing anomalous behavior that deviates from historical behavior. Advances in AI enable cyber threat actors to circumvent signature-based firewalls, endpoints and cybersecurity systems. New 3rd-wave AI cyber threat detection solutions, capable of creating automated, evolving and generative behavior baselines, are proving to be far more difficult for threat actors to circumvent. These advanced new threat detection technologies offer tremendous promise and are being utilized in many next-gen cyber defense systems.
Contemporaneously with improving the tech stack of cybersecurity defenses, leaders must place increased emphasis on hiring, training and retaining skilled cybersecurity professionals. This can be accomplished through a number of means, the most important of which is the allocation of an increased budget for cybersecurity personnel. Private-sector companies that have experienced firsthand attacks from threat actors almost without fail promptly increase the size and skill set of the teams responsible for cyber defenses. Given the magnitude of the threat actor activities across the U.S., this trend must stop. Budget dollars for both new technologies and more skilled cyber defense personnel must be prioritized before attacks are launched.
The Responsibility Lies With You Cyber threat actors are winning cyber war battles every day, everywhere. The risks to every U.S. company and the public sector can no longer be minimized. Winning this war requires significant change, starting at the top. Leaders must wake up and begin to prioritize modernizing their technology systems and cyber defense systems. Before that process can begin, each leader in the private and public sectors must candidly acknowledge what we face.