It’s easy to take for granted the services we use on a daily basis: public transportation systems to commute, mobile networks to communicate on smart phones, and electricity to power our businesses and homes. And many of these systems primarily operate via an internet that connect billions of smart devices.
The ability to interconnect billions of systems and devices is both a blessing and a curse, and it can put us one vulnerability away from a cyberattack that greatly affects our physical world.
With 24 billion connected devices expected worldwide by 2020 and even more emerging technologies that will require Internet of Things (IoT), cybersecure networks and systems must be top of mind for policymakers, citizens and the private sector. Otherwise the U.S. economy will suffer severely.
Not too long ago, Atlanta experienced a ransomware attack and became all too familiar with its catastrophic consequences which included data losses, financial losses and growing distrust in government. Many online government processes reverted back to the pre-internet era as police officers filled out citations by hand and officials manually processed cases at the Atlanta Municipal Court...to name a few. But more importantly, significant amounts of information were lost, including nearly all of the police department’s archived in-vehicle footage – information that could help determine a citizen’s convictions. Clearly, Atlanta’s city government was unprepared to protect and respond to such threats; as a result, the city could face more than $17 million in damages.
Atlanta could have been much worse, but it does serve as a wake-up call for many government officials: Cybersecurity is just as important in the private-sector as it is in the public-sector.
So, what happens when a bad actor attacks the nation’s most critical infrastructure and how should both the public-sector prepare/react?
Create a Cyber Strategy: Just like in the private sector, as CompTIA outlines in “Building a Culture of Cybersecurity: A Guide for Corporate Executives and Board Members,” the public sector must be conscientious of what to do if a cyberattack occurs. Taking steps to prevent vulnerabilities is key but understanding how to respond could be the difference between a small or large financial and data loss and more importantly, lives saved or lost. Thinking through this
Work Hand-in-Hand with the Private Sector: The private-sector doesn’t have every cybersecurity answer, but outside perspective is always necessary when identifying vulnerabilities in systems. Many companies are testing and attacking systems every day to detect flaws.
Train Employees and Hire Cybersecurity Professionals: Don’t assume every employee knows what a phishing email is and how to identify it. Promoting a culture of cybersecurity means teaching all employees what’s right and wrong.
In addition, hiring cyber professionals will better position federal, state and local entities to deal with these rather technical IT issues. As more government services go digital, the public-sector will need this expertise to identify assets and how to safeguard them.
The U.S. economy depends on the country’s critical infrastructure, which supplies food, water, financial services, public health, communications and power along with other networks and systems. A disruption to this would impact our nation severely for years to come.
CompTIA members are on the front lines of securing the nation’s infrastructure, and they are committed to working with the government on the federal, state and local level to ensure the most innovative cybersecurity solutions are developed and delivered to keep our nation safe.
