The latest victim of the increasing number of cyberattacks on US businesses and infrastructure is Americans’ trust in their government to protect them from future attacks. There are nine ways to restore that confidence.
- 53% of respondents did not trust the strength of the US government infrastructure to protect the American people from cyberattacks.
- 88% of adults in the United States said that organizations and government agencies need better data security systems in place to protect them from the increase in remote third-party attacks.
SecZetta’s collective survey of 2,085 US adults aged 18 and over was conducted online between June 29 and July 2, 2021.
Current security vulnerabilities
The company said, “The recent high profile security breaches, including SolarWinds, Colonial Pipeline and JBS Foods, have highlighted the vulnerability of businesses to cybercrime, and especially ransomware attacks. What is remarkable about the recent attacks is how data breaches can quickly impact aspects of daily life, such as the ability to fill up a car with gasoline or buy meat in the supermarket. To restore consumer confidence, respondents say companies need to invest in advanced technology systems that will help proactively reduce the risk of third-party cyberattacks.”
“The surge in high-profile cyberattacks in recent months has shown how easy it is for malicious actors – whether humans or bots – to infiltrate a company’s data security infrastructure, creating havoc for the company and potential harm to consumers,” said David Pignolet, founder and CEO of SecZetta.
Nine Ways to Restore Public Trust
There are several ways the US government can restore public confidence in its ability to protect the public from cyberattacks.
Susan St. Clair, Director of Product Management Development at WhiteSource, commented, “The US government needs to hold their own authorities and organizations more accountable if they fail to comply with safety regulations and guidelines.
“How can Americans trust their government’s cybersecurity capabilities when they see a report from the Senate Homeland Security Committee claim that eight critical agencies are failing to protect their sensitive information? Right now, each agency is accountable for its own cybersecurity efforts and this creates a lack of consistency that requires more coordination, investment and accountability if the US is to have adequate national security infrastructure,” she said.
Tom Kellermann is Head of Cybersecurity Strategy at VMware Inc. and a member of the Cyber Investigations Advisory Board of the US Secret Service. He advised: “The US government can take a variety of measures to reassure the public that they are taking active and effective steps against the growing threat of cyberattacks. One of the most immediate steps is for the FBI and US intelligence to actively publicize and communicate their prosecutions of members of the international cybercrime cartel. The US government should announce that it is consistently pursuing bad actors and bringing them to justice.”
Expired Assets Fund
“Additionally,” advised Kellermann, “federal law enforcement agencies could set up a fund for expired cybercrime assets that could then be invested in cybersecurity budgets for state and local governments. In a similar way, KAG should start allocating critical infrastructure grants for cybersecurity investments, and Congress should set cybersecurity funding in the Infrastructure Act. The SEC and FTC should also bring regulatory powers to the issue, mandating that companies have a Chief Information Security Officer (CISO) reporting directly to the CEO.”
Communication and action
Michael Grimm is Vice President at Reputation Partners, a national strategic communications company. He recommended “communicating with the American people how the government is ready to defend itself against the next cyberattack, how the US government has managed to defend itself against cyberattacks and take action against future cyberattacks”.
Benny Czarny is an expert in cybersecurity and data protection as well as the founder and CEO of OPSWAT, an infrastructure protection company. He said, “First and foremost, government and the private sector must officially assume joint responsibility when it comes to cybersecurity and the protection of critical data and resources.
“By implementing a Zero Trust framework as part of this shared responsibility, confidence in the US security situation can also be built, as strict policies and technologies must be implemented as part of risk prevention, detection and mitigation,” he advised.
Standardization, modernization and a good attack
James Carder, chief security officer at LogRhythm, said the government must:
- “Standardize security controls and defense measures and finance and enforce these uniform measures for all authorities and sectors of critical infrastructures.”
- “Make sure that modern defenses, technologies and best practices are used across the board. That means enforcing security measures in their supply chain and requiring members of that supply chain to adhere to the standardized controls and countermeasures and best practices that apply to each agency.”
- “Prove to the American people that they can defend the country first, and sometimes a good offensive, or even fear of a good offensive, can serve as a good countermeasure and defense. I believe adequate counter-strike to demonstrate our own offensive cyber capabilities is also on the horizon and would let the American people know that we have the means to fight back. A superpower needs to have both a good offensive and a good defense, and the US government needs to show that to the American people.”