lunes, 15 de mayo de 2017

Global ransomware attack reinforces message of Trump's new cybersecurity order | MercatorNet | May 15, 2017 |

Global ransomware attack reinforces message of Trump's new cybersecurity order

| MercatorNet | May 15, 2017 |







Message of Trump’s new cybersecurity order reinforced by ransomware attack

But the order won't succeed without government and industry working in tandem.
Sharon L. Cardash and Frank J. Cilluffo | May 15 2017 | comment 


Locking down the federal government. NicoElNico via shutterstock.com
cyberattack is sweeping the world, infecting thousands of computers and demanding their owners pay a ransom or risk losing all their data. The threat, which has affected the FedEx shipping companyseveral hospitals in the UK, a major Spanish telecommunications company, and many more, makes even more urgent the need to improve U.S. cybersecurity – both within the federal government and throughout our internet-connected society. The Conversation
President Trump’s new executive order on cybersecurity for federal computer networks and key elements of the country’s infrastructure – such as the electricity grid and core communications networks – builds meaningfully on the work of the Obama administration. It focuses on matters of common and bipartisan concern, meaning it is likely to avoid the disquiet and disorganization generated by other recent executive orders.
Cybersecurity is ultimately an exercise in risk management. Given the range of possible threats and the pace at which they may appear, it is impossible to protect everything, everywhere, all the time. But it is possible to make sure that the most valuable resources (such as particular networks and systems, or specific data) are properly protected by, at minimum, good cyber-hygiene – and ideally, more.
The executive order seeks to do just that, by calling on Cabinet secretaries and the heads of other federal agencies to follow the Framework for Improving Critical Infrastructure Cybersecurity, created by the National Institute of Standards and Technology under the Obama administration. That framework also figures prominently in the final report of Obama’s Commission on Enhancing National Cybersecurity.
Three key topics of the executive order are of particular interest because they suggest significant new developments in the federal government’s approach to cybersecurity. The order rightly highlights cyber-deterrence, the process of discouraging prospective attackers from actually trying to breach our systems. In addition, the order correctly identifies the electricity grid as needing stronger security – as well as the military’s warfighting capabilities.
Stepping up cyber-deterrence
One crucial element that has been largely missing from American cybersecurity efforts so far is cyber-deterrence. Just as nuclear deterrence let countries with nuclear weapons know that launching a nuclear attack would mean their own swift and sure destruction, cyber-deterrence involves making clear to prospective adversaries that attacks will either be too unlikely to succeed, or will be met by certain and severe retribution.
The executive order asks a wide group of senior government officials – the secretaries of Commerce, Defense, Homeland Security, State and Treasury, plus the attorney general, the government’s top trade negotiator and the director of national intelligence – to develop options for deterring cyber-adversaries (without specifying any in particular).
Deterrence must, by nature, be multi-dimensional: It has to include a variety of obstacles to incoming attacks, as well as potential consequences for attackers. Coordinating diplomacy, military and economic efforts will be crucial to presenting a unified front to would-be adversaries.
This is not to say that a one-size strategy will fit all. To the contrary, besides a robust general posture, the U.S. must also tailor its specific deterrence efforts to make sure they are effective against individual potential adversaries.
Protecting the grid and the military’s warfighting capabilities
The executive order also calls for additional protection of the electricity grid against cyberattacks. The potential is not hypothetical: Ukraine’s grid was attacked twice, in December 2015 and December 2016.
And it calls attention to the military’s industrial base, including its supply chain – which collectively produces, delivers and maintains weapons systems and component parts that are necessities for the Department of Defense. A successful cyber-attack on key suppliers could hamstring America’s armed forces as much as a physical incursion against them on the battlefield.
Yet, as important as it is to identify and remedy existing vulnerabilities, the better course is always to design computer systems securely in the first place. The executive order focuses more on the former than the latter, since we must work with the capabilities and equipment we have, rather than just those we would wish to have.
Basic guidance
More generally, the executive order discusses and reinforces the basic principles of good cyber-hygiene. For instance, it emphasizes the significant risks to departments and agencies, and the citizens they serve, if known vulnerabilities remain unrepaired. For instance, without proper protections, taxpayer records, Social Security data and medical records could be stolen or fraudulently altered.
Sadly, this is a vital issue. Recent testimony from the Government Accountability Office documents the widespread problems government agencies have failing to install routine security upgrades and even using software so outdated the company that created it no longer supports it.
But the executive order also looks to a future federal government that takes advantage of cloud computing and the Internet of Things. The document not only calls for safeguarding existing networks and data; it declares the importance of systematic planning for future technological upgrades and advances, to manage risk effectively. Maintenance and modernization both matter, and both must be done securely.
Overall, the order is a solid document, with guidance that is both measured and clear. Key to its success – and ultimately to the country’s security in cyberspace – will be the relationship the government builds with private industry. Protecting the country won’t be possible without both groups working in tandem.
Frank J. Cilluffo, Director, Center for Cyber and Homeland Security, George Washington University and Sharon L. Cardash, Associate Director, Center for Cyber and Homeland Security, George Washington University
This article was originally published on The Conversation. Read the original article.
- See more at: https://www.mercatornet.com/features/view/message-of-trumps-new-cybersecurity-order-reinforced-by-ransomware-attack/19798#sthash.ch72CIJr.dpuf



MercatorNet

May 15, 2017

I’d just like to get something off my chest. Why are coffee shops going so silent? Between the gaggle of friends giggling over their own mobile phones and the solitary geeks tapping away at their laptops, the art of caffeinated conversation is in danger of vanishing.
That’s why I welcome and commend the bold decision of a Toronto café (featured in the New York Times as the cusp of an epoch-defining moment) not to offer WiFi. Without WiFi, there’s laughter and banter and conversation. With it, a grim, nerdy silence.
“It’s about creating a social vibe,” the owner of HotBlack Coffee told the Times. “We’re a vehicle for human interaction, otherwise it’s just a commodity.” Amen. Bring back the human stuff. Which basically defines what MercatorNet is all about, as you can read below. 


Michael Cook 
Editor 
MERCATORNET



Do we have a right to a child?
By Michael Cook
Surrogacy is included in a payout to a Canadian woman injured in a horrific car accident
Read the full article
 
Message of Trump’s new cybersecurity order reinforced by ransomware attack
By Frank J. Cilluffoand Sharon L. Cardash
But the order won't succeed without government and industry working in tandem.
Read the full article
 
Culture spotting: the celebration of new life
By Patrick F. Fagan
There's a lot to look forward to.
Read the full article
 
Boys outsmart thief and magician
By Jennifer Minicus
A fun fairy tale is back in print.
Read the full article
 
What we love about mothers and motherhood
By Tamara El-Rahi
Motherhood: thoughts from young mums.
Read the full article
 
Cormac McCarthy: Clinging to hope in a devastated world
By Michael Kirke
The writer’s harrowing visions challenge us in our comfort zones.
Read the full article
 
Religious belief predominates in former communist countries
By Carolyn Moynihan
Eastern and central Europe 25 years after the fall of the Iron Curtain.
Read the full article
 
The message from Fatima
By Michael Cook
Apparitions of the Virgin Mary a century ago are still relevant
Read the full article
 
Save an Italian village from abandonment ...
By Marcus Roberts
...by moving there!
Read the full article
 
Why Conservatives should be Environmentalists
By Nathan J. Beacom
The pre-political demands of our shared home unite us.
Read the full article
 
Dad and daughter dynamics
By Helena Adeloju
Some tips from the father of four girls.
Read the full article


MERCATORNET | New Media Foundation 
Suite 12A, Level 2, 5 George Street, North Strathfied NSW 2137, Australia 

Designed by elleston

New Media Foundation | Suite 12A, Level 2, 5 George St | North Strathfield NSW 2137 | AUSTRALIA | +61 2 8005 8605 

No hay comentarios: