Cybersecurity experts cautiously optimistic about 2016

Cybersecurity experts cautiously optimistic approximately 2016

It's been an active year in cybersecurity. Washington & Beijing reached a historic agreement around cooperation for curtailing digital espionage, the US government suffered its largest known data breach, & there was a seemingly endless string of breaches & hacks.

Looking ahead to 2016, there's little indication from experts that online threats will be any less numerous or menacing. But there is optimism that groundwork laid this year could pay dividends in the year ahead. That's especially the case regarding negotiations with China to thwart commercial hacking, said Ellen Nakashima, national security reporter at The Washington Post.

"It’s a combination of these tools & these measures by the US as well as expressions of concern by others – industry & academia – that could start to move the needle next year," Ms. Nakashima said.

p>Recommended:

Passcode
Podcast: Microsoft's Angela McKay on building global cybersecurity norms

Nakashima joined a panel of cybersecurity & legal experts to discuss some of the most pressing trends in cybersecurity at an event hosted by the Atlantic Council think tank in Washington. Passcode was the exclusive media partner for this Cyber Risk Wednesday event. Here are three things we learned:

1. New norms emerged for reporting cyberthreats

Companies are going public much faster after breaches, according to Nakashima. For instance, she said, the way Home Depot notified customers approximately its 2014 breach – & quickly started looked for solutions to mediate the impact – influenced how other companies responded to breaches this year. 

"There’s been a gradual shift away from blaming the victim," Nakashima said. "Yes, people feel like companies should be responsible for cybersecurity, yet they moreover understand this is such a widespread & pervasive problem that what company hasn’t been hacked?"

2. Cyberthreats are bigger problems for small businesses

More small companies are reaching out to the government for assist with issues around cyberattacks, said Luke Dembosky, deputy assistant attorney general for national security at the Department of Justice. Unfortunately, he said, small firms don't have the same capacity as large corporations to confront dangers online.

"I wonder if that’s going to push the threat down to mid- or smaller-sized companies," Mr. Dembosky said. "I see that as an issue coming forth in the next year."

3. Progress with China takes time

It's a satisfactory sign that there hasn’t been another attack such as the Sony Pictures breach, said Jason Healey, senior research scholar at Columbia University’s School of International & Public Affairs. Even though the US blamed North Korea for the Sony hack, Obama administrations officials told The New York Times the government has sought China's assist to stop attacks coming from North Korea. Indeed, said Mr. Healey, success with the Chinese shouldn't be measured only in terms of the recent cyberespionage deal. Instead, it should be seen as incrementally better than it was previously.

"Diplomacy isn’t binary, right? It’s not one or zero," he said. "If this decreases Chinese espionage by 10 percent, it is quite possibly the most successful thing we’ve ever done to reduce Chinese espionage."

Two notable quotes:

1. If the US decides it’s necessary to monitor smartphone apps for potential terrorist activity, Healey said, it is feasible that terrorists will attempt to stay ahead of that monitoring by switching apps frequently.

"What do we do when we have terrorists on Tinder?" Healey said. "How far does this go with the proliferation of technologies, that we’re going to continue to chase them down every hole? Does that scale?"

2.  Looking forward at whether the US's efforts with China have effectively stanched the country’s efforts to hack for economic gain, Nakashima said President Obama’s executive order this year might shed light on possible next steps. The order allows him to impose economic sanctions on either companies or individuals that conduct cyberattacks, including for economic gain.

"If China continues to conduct economic espionage & is essentially violating its pledge, I would expect the administration, before its term is out, to go forth & impose those sanctions," she said.

Notable tweet:

Have any of the PLA 5 "paid a price"? How approximately the NorK hackers? @CSMPasscode #ACCyber— Brettzky (@Longtabsigo) November 10, 2015

Related stories

Passcode

Tech sector denounces bill requiring firms report terrorist activity

Passcode

Experts question China's promise to curb cybercrime

Passcode

Paris attacks stir global debate over online encryption

Passcode

After Paris attacks, lawmakers seek greater access to encrypted data

Passcode

What does it mean to 'win' a cyberwar?

Passcode

Should the US engage in espionage for economic gain?

Passcode

FBI chief Comey says strong encryption diminishes agency's efforts

Passcode

How well do you know hacker movies?

Read this story at csmonitor.com

Become a part of the Monitor community

Become a Facebook fan!
Follow us on Twitter!
Follow us on Google+
Link up with us!
Subscribe to our RSS feeds!

Source: “Christian Science Monitor”