It's Time to Get Serious About Cyber-Security
By Samuel Greengard
Humans have a penchant for continually kicking the proverbial ball down the field. Why deal with a problem if it's not an emergency? Within the enterprise--where almost everyone is completely overworked and overloaded--we see this play out every day. What isn't positioned directly in front of a person's face or foot might as well not exist. There are simply too many balls to juggle--or kick.
However, it's important to know which balls are the most important. For CIOs and other senior executives, taking an eye off security can have dire consequences. Hacking and cyber-attacking are now endemic.
Last October, U.S. Defense Secretary Leon Panetta warned that a “cyber Pearl Harbor” was possible, if not eminent.
That statement was greeted by mostly yawns from the business community.
Yet, a Verizon study found that 96 percent of attacks against IT infrastructure occur simply because they aren't difficult. Four in five victims had a bull’s-eye painted on their sites because they were viewed as targets of opportunity.
Let's hope something wakes corporate and government executives from a Rip Van Winkle world-class slumber. After President Obama signed Executive Order 13549 on Feb. 12 (it attempts to build a framework for addressing cyber-security in a more holistic way), cyber-security began to grab headlines.
Then the other shoe dropped. The New York Times reported that the Chinese Army is launching major cyber-attacks against the U.S. There have been plenty of other reports that Iran and North Korea have launched cyber-strikes against U.S. banks and other institutions.
Observers say there's no time to waste, especially as cloud computing takes hold and organizations go digital. Financial institutions, hospitals, utilities, retailers and government networks are all at risk. "Unfortunately, U.S. critical infrastructure is vulnerable and security is weak overall," states Jonathan Gossels, president and CEO of SystemExperts, a Sudbury, Mass. security risk analysis consulting firm.
He's hardly alone. Michela Menting, cyber-security senior analyst at ABI Research, warns that we're approaching the tipping point and immediate action is necessary. "Hostile nations are picking the information superhighway apart and the U.S. risks losing a very costly digital advantage," she warns.
The takeaway? It's time for CIOs and others to stop kicking the ball and get on the ball.