Cyber Criminals Collaborate To Counteract Threats; So Should We
Every month, a new cyber attack makes headlines, startles consumers, and spurs calls for action and new legislation to mitigate emerging cyber threats. By almost any statistic you choose, the risk to Government agencies, corporations, and consumers is escalating.
In 2013, MacAfee catalogued more than 100,000 new pieces of malware a day. The Washington Post reported the likely annual cost of cybercrime to the world economy at $445 billion dollars in 2013, and the number of detected cyber attacks in 2014 increased a staggering 48% over the previous year.
These attacks can be perpetrated by states, terrorist or organized criminal groups, or individual criminals. They target any number of Government, corporate, and individual victims. Cyber criminals have embraced the open-source ethos of the World Wide Web, allowing them to collaborate and learn from each other to rapidly enhance their capabilities.
Countering these threats requires increased collaboration between the Department of Homeland Security (DHS), private industry, other Civilian Government Agencies, and international partners. For years, lawmakers and leaders have struggled to draft laws and rules that are flexible enough to meet the rate of improvements in technology while also safeguarding civil liberties and personal privacy.
In February 2016, the Government adopted a Cybersecurity National Action Plan (CNAP), combining short-term tactical improvements with long-term strategic goals. Hopefully, the CNAP will promote increased responsible information sharing between Government, industry, and international partners. DHS will play a key role in facilitating that information sharing and promoting enhanced cybersecurity capabilities within the Federal civilian government and the private sector. New ways of working together, whether in real time or through collaborative innovation sessions, must be a key part of the solution.
Transforming the National Protection and Programs Directorate (NPPD) into an operational component called the Cyber and Infrastructure Protection Agency is just one possible way forward as DHS seeks to be more proactive and embrace its role as the domestic cyber guardian. The new agency could proactively identify and pursue cybersecurity needs across Federal, state, and local governments and in the private sector.
To achieve this, the Government needs to think radically differently to design a collaborative environment that starts with the private sector’s needs and innovations. It can’t be done with traditional outreach efforts. It can be done using an innovative, user-driven, design thinking approach that can overcome similar collaboration among cyber criminals.