It's been an active year in cybersecurity.Â Washington & Beijing reached a historic agreement around cooperation for curtailing digital espionage, the US government suffered itsÂ largest known data breach, & there was a seemingly endless stringÂ of breaches & hacks.
Looking ahead to 2016, there's little indication from experts that online threats will be any less numerous or menacing. But there is optimism that groundwork laid this year could pay dividends in the year ahead. That's especially the case regarding negotiations with China to thwart commercial hacking, saidÂ Ellen Nakashima, national security reporter at The Washington Post.
"Itâ€™s a combination of these tools & these measures by the US as well as expressions of concern by others â€“ industry & academia â€“ that could start to move the needle next year," Ms. Nakashima said.
Podcast: Microsoft's Angela McKay on building global cybersecurity norms
Nakashima joined a panel ofÂ cybersecurity & legal experts to discuss some of the most pressing trends in cybersecurityÂ at an event hosted by the Atlantic Council think tank in Washington. Passcode was the exclusive media partner for this Cyber Risk Wednesday event. Here are three things we learned:
1. New norms emerged for reporting cyberthreats
Companies are going public much faster after breaches, according to Nakashima. For instance, she said, the way Home Depot notified customers approximately its 2014 breach â€“ & quickly started looked for solutions to mediate the impact â€“ influenced how other companies responded to breaches this year.Â
"Thereâ€™s been a gradual shift away from blaming the victim," Nakashima said. "Yes, people feel like companies should be responsible for cybersecurity, yet they moreover understand this is such a widespread & pervasive problem that what company hasnâ€™t been hacked?"
2. Cyberthreats are bigger problems for small businesses
More small companies are reaching out to the government for assist with issues around cyberattacks, said Luke Dembosky, deputy assistant attorney general for national security at the Department of Justice. Unfortunately, he said, small firms don't have the same capacity as large corporations to confront dangers online.
"I wonder if thatâ€™s going to push the threat down to mid- or smaller-sized companies," Mr. Dembosky said. "I see that as an issue coming forth in the next year."
3. Progress with China takes time
It's a satisfactory sign that there hasnâ€™t been another attack such as the Sony Pictures breach, said Jason Healey, senior research scholar at Columbia Universityâ€™s School of International & Public Affairs.Â Even though the US blamed North Korea for the Sony hack, Obama administrations officials told The New York Times the government has sought China's assist to stop attacks coming from North Korea. Indeed, said Mr. Healey, success with the Chinese shouldn't be measured only in terms of the recent cyberespionage deal.Â Instead, it should be seen as incrementally better than it was previously.
"Diplomacy isnâ€™t binary, right? Itâ€™s not one or zero," he said. "If this decreases Chinese espionage by 10 percent, it is quite possibly the most successful thing weâ€™ve ever done to reduce Chinese espionage."
Two notable quotes:
1. If the US decides itâ€™s necessary to monitor smartphone apps for potential terrorist activity, Healey said, it is feasible that terrorists will attempt to stay ahead of that monitoring by switching apps frequently.
"What do we do when we have terrorists on Tinder?" Healey said. "How far does this go with the proliferation of technologies, that weâ€™re going to continue to chase them down every hole? Does that scale?"
2. Â Looking forward at whether the US's efforts with China have effectively stanched the countryâ€™s efforts to hack for economic gain, Nakashima said President Obamaâ€™s executive order this year might shed light on possible next steps. The order allows him to impose economic sanctions on either companies or individuals that conduct cyberattacks, including for economic gain.
"If China continues to conduct economic espionage & is essentially violating its pledge, I would expect the administration, before its term is out, to go forth & impose those sanctions," she said.
Have any of the PLA 5 "paid a price"? How approximately the NorK hackers? @CSMPasscode #ACCyberâ€” Brettzky (@Longtabsigo) November 10, 2015
Tech sector denounces bill requiring firms report terrorist activity
Experts question China's promise to curb cybercrime
Paris attacks stir global debate over online encryption
After Paris attacks, lawmakers seek greater access to encrypted data
What does it mean to 'win' a cyberwar?
Should the US engage in espionage for economic gain?
FBI chief Comey says strong encryption diminishes agency's efforts
How well do you know hacker movies?
Read this story at csmonitor.com
Become a part of the Monitor community
Become a Facebook fan!
Follow us on Twitter!
Follow us on Google+
Link up with us!
Subscribe to our RSS feeds!
Source: “Christian Science Monitor”