As hackers become more efficient in use of advanced breach strategies, the Government’s concern continues to grow on how to best protect organizations who are especially at risk.
Among those who are the most vulnerable, the private sector ranks high in failure to take the proper steps to protect themselves from potential threats from the inside-out.
Detecting breaches before they happen can be a trying effort, but there are evolving and effective ways that can assist an organization in doing so. The use of cyber intelligence in both the U.S. private and public infrastructure is growing and in good reason.
According to Wise Geek, cyber intelligence is the tracking, analyzing, and countering of digital security threats. This type of intelligence is a blend of physical espionage and defense with modern technology.
Those who have experience in the field of cyber intelligence can work with businesses and organizations to implement anti-virus programs, as well as effectively sifting through large quantities of detailed code and sensitive information in search of potential cyber security threats.
Cyber security has become such a crucial subject within our nation’s government that in February of 2015, President Obama signed executive order 13691, which enhances the ability for organizations to share information about cyber threats with one another. The order also encouraged the formation and development of Information Sharing and Analysis Organizations (ISAOs). Not only limited to the private sector, President Obama specified that ISAOs be organized “based on sector, sub-sector, region or any other affinity, including in response to particular emerging threats or vulnerabilities.”
The order also addressed the National Cybersecurity and Communications Integration Center that was established under the Homeland Security Act of 2002. The order emphasized, “The NCCIC shall engage in continuous, collaborative, and inclusive coordination with ISAOs on the sharing of information related to cyber security risks and incidents, addressing such risks and incidents, and strengthening information security systems.”
Why Don’t All Organizations Use Cyber Intelligence for Added Protection?
With strong instruction from our own president, why are organizations within the private sector still reluctant to participate in cracking down on their own cyber security measures? While hiring teams of IT professionals may sound like a no brainer, many organizations still see this move as a financial risk that they’re not yet willing to take.
Because cyber security is still a very new concept in the business world and beyond, companies are less willing to hire staff dedicated solely to monitoring its systems, especially when the organization itself has yet to experience any inclination of a threat or vulnerability within its networks.
Just last year the U.S. experienced repeated cyber-attacks from Chinese hackers, despite a newly issued cyber-agreement with the United States.
California-based cyber security tech company Crowdstrike stated that it “documented seven total Chinese attacks against U.S. technology and pharmaceutical companies where the primary benefit of the intrusions seems clearly aligned to facilitate theft of intellectual property and trade secrets, rather than to conduct traditional national security related intelligence collection.”
In the President’s Executive Order, it is made clear that incentives need to be offered to gain the necessary participation from the private sector, in addition to organizations still leery of the idea of implementing serious cyber security protocol, despite recurring cyber-attacks from outside threats each year.
The question remains, why haven’t these incentives been offered?
There has yet to be a government group or department to come out with a cyber incentive program, and it has not been determined what area of the government would take the reins of regulating and updating the program once created.
When they are formally implemented, cyber security guidelines and incentives must be both broad enough to cover a wide range of issues specific to their sector, and be ever-advancing to stay ahead of evolved forms of viruses and malware.
Though it may be a continued wait for proper cyber security guidelines to be followed throughout the U.S. infrastructure, the government continues to make pushes for communication within all parties.
Sharing cyber intelligence throughout our communities and especially within the workplace is not only knowledge gained, but more importantly, information protected.