1. Cyber attacks against critical infrastructure are coming !
2. The public and private sectors need to link arms to address the new cyber reality !
3. Breaches are inevitable, so resilience is critical !
Attacks on critical infrastructure are the new front in the battle for Cybersecurity !
Breaches are inevitable ! Private & Public Sectors, Business Resilience is critical !
CEOs, is your Cie Cybersecurity-Ready ?
Resilience is critical.
While much of the conversation in Davos centered around Europe’s refugee crisis, cybersecurity dominated the agenda. At a dozen public and private sessions, CEOs and heads of state focused on three trends:
Cyber attacks against critical infrastructure are coming
In just two years, the threat posed by cyber attacks has increased exponentially.
In 2014, tens of millions of credit cards were stolen from large retailers. While embarrassing, the damage from these attacks was limited because banks immediately cut off the cards and consumers weren’t held liable for fraudulent charges.
In 2015, there was an even more damaging attack: the social security breach. Hackers wanted to access a piece of data that could not be readily changed—and you only get one social security number. Tens of millions of SSNs were misappropriated from health care companies and the Office of Personnel Management.
[vsw id=”cnXnv5T6MSg” source=”youtube” width=”425″ height=”344″ autoplay=”no”]
As frustrating as the incursions of 2014 and 2015 have been, 2016 may be characterized by something more concerning still: cyber attacks on critical infrastructure.
Just weeks before Davos, a successful cyber attack on Ukraine’s utilities disabled a substantial portion of the country’s electric grid. According to the Department of Homeland Security, the form of malware deployed in the Ukrainian attack, dubbed “Black Energy,” has also been seen in the U.S. Within days of the attack, General Michael Hayden, who served as director of both the NSA and the CIA, warned “of a darkening sky” over the U.S. power grid.
According to Lloyd’s of London, a sophisticated cyber attack on the power grid in the northeastern U.S. could cause $1 trillion in damages. As a measure of comparison, the 2011 earthquake and tsunami in Japan caused $300 billion in economic damages, while the price tag for Hurricane Sandy was $100 billion.
As if that were not sobering enough, a report issued last week by the Nuclear Threat Initiative in the run-up to Davos asserted that civilian nuclear plants in 20 different countries are potentially vulnerable to cyber attacks.
The public and private sectors need to link arms to address the new cyber reality
Recent headlines spotlighting a bitter feud between the government and tech industry around whether to allow a backdoor to encryption seemed a world away from the discussions in Davos. On multiple occasions, government leaders and business executives pledged greater collaboration and mutual support. This newly cooperative tone is based in pragmatism and reflects a simple conclusion from leaders on both sides of the public-private equation: No one is immune to cyber attacks, and we are all in this together.
A year ago, the World Economic Forum established a cyber crime task force to bring government and industry closer together. Chaired by the former head of the Swiss police, the Steering Committee included the secretary general of Interpol, the director of Europol, and numerous corporate executives. To the pleasant surprise of those involved, U.S. Attorney General Loretta Lynch showed up in Davos this year and embraced the recommendations articulated by the task force for a public-private partnership to address cyber challenges.