LONDON—One year ago, Control Risks highlighted two prominent cyber trends and made four predictions for 2015. While none of those predictions appear particularly revelatory in hindsight, they have all proven correct and, along with the trends discussed then, are likely to continue through the year ahead. Moreover, they provided a brief snapshot of the dynamism of the cyber threat landscape, a snapshot that I will look to expand upon in this year’s edition of our cyber security trends to watch.
The role of geopolitics and the emergence of cyber deterrence
Recalling a theme from last year, the first point to note is that geopolitics will be the core determinant of the shape and severity of the cyber threat many public and private sector organizations face. As countries grapple with the uncertainties and vicissitudes of contemporary international relations, it is becoming increasingly clear that cyber deterrence will eventually become a core pillar of 21st century diplomacy. The US is currently working out the finer points of its official cyber deterrence policy and, through websites directly linked to state-run media outlets, the Chinese military has given a fairly clear indication of its own. Russia, on the other hand, has already put its approach to cyber deterrence into action, regularly carrying out retaliatory operations seemingly intended to punish and shape the decision-making of strategic rivals and erstwhile allies. Likewise, North Korea has episodically lashed out with disruptive attacks against identified adversaries, knowing that its self-contained internet infrastructure largely protects it from external cyber retaliation.
Alarmingly for business, the majority of apparent cases of cyber deterrence involved targeting of commercial entities. This reflects the imperative role that corporate enterprises play in ensuring that, at a fundamental level, populations are provided with basic commodities like electricity, food, water, fuel and the ability to communicate. It is also indicative of the internet’s status as the backbone of any modern society. Because they deliver a privately-owned public good, critical national infrastructure (CNI) providers are likely to bear the brunt of nation-states’ deterrent cyber attacks. There is little prospect of many of the more outlandish doomsday scenarios put forward about cyber operations against CNI being realized. Nonetheless, the threat is real and growing.
Formerly, Iran was assessed by many observers in the Western intelligence community as one of the nations most likely to conduct a destructive attack against their core industries. However, the lifting of US and international nuclear sanctions will bring about a step change in Iranian operations that will reshape the nature and potentially reduce the scope of the Iranian cyber threat to the West. Namely, there will be a transition from cyber operations almost solely focused on developing situational policy awareness and collecting target-specific intelligence with a view to future disruptive attacks, to a situation in which cyber-enabled corporate espionage becomes increasingly prominent.
Read More: http://www.forbes.com/sites/riskmap/2016/03/08/cyber-security-trends-to-watch-2016/#629e505a1a36
The role of geopolitics and the emergence of cyber deterrence
Recalling a theme from last year, the first point to note is that geopolitics will be the core determinant of the shape and severity of the cyber threat many public and private sector organizations face. As countries grapple with the uncertainties and vicissitudes of contemporary international relations, it is becoming increasingly clear that cyber deterrence will eventually become a core pillar of 21st century diplomacy. The US is currently working out the finer points of its official cyber deterrence policy and, through websites directly linked to state-run media outlets, the Chinese military has given a fairly clear indication of its own. Russia, on the other hand, has already put its approach to cyber deterrence into action, regularly carrying out retaliatory operations seemingly intended to punish and shape the decision-making of strategic rivals and erstwhile allies. Likewise, North Korea has episodically lashed out with disruptive attacks against identified adversaries, knowing that its self-contained internet infrastructure largely protects it from external cyber retaliation.
Alarmingly for business, the majority of apparent cases of cyber deterrence involved targeting of commercial entities. This reflects the imperative role that corporate enterprises play in ensuring that, at a fundamental level, populations are provided with basic commodities like electricity, food, water, fuel and the ability to communicate. It is also indicative of the internet’s status as the backbone of any modern society. Because they deliver a privately-owned public good, critical national infrastructure (CNI) providers are likely to bear the brunt of nation-states’ deterrent cyber attacks. There is little prospect of many of the more outlandish doomsday scenarios put forward about cyber operations against CNI being realized. Nonetheless, the threat is real and growing.
Formerly, Iran was assessed by many observers in the Western intelligence community as one of the nations most likely to conduct a destructive attack against their core industries. However, the lifting of US and international nuclear sanctions will bring about a step change in Iranian operations that will reshape the nature and potentially reduce the scope of the Iranian cyber threat to the West. Namely, there will be a transition from cyber operations almost solely focused on developing situational policy awareness and collecting target-specific intelligence with a view to future disruptive attacks, to a situation in which cyber-enabled corporate espionage becomes increasingly prominent.
Read More: http://www.forbes.com/sites/riskmap/2016/03/08/cyber-security-trends-to-watch-2016/#629e505a1a36
No comments:
Post a Comment