Choose your language:
At a recent Gartner Security and Risk Management Summit, trouble appeared on the horizon amid the idyllic waterside calm of National Harbor, Maryland. In one Gartner prediction slide during a keynote, an eye-pleasing orange glow highlighted a troubling discovery: By 2020, 60 percent of digital businesses will suffer major service failures due to the inability of their IT teams to manage risk.
Overall, there was plenty of problem recognition. Breaches are on the rise. Data intrusions are commonplace. There was a 300-fold increase in the intensity of direct denial of service attacks, according to an Arbor Networks study of ISPs—from only 1GB per second in 2002 to 309GB per second in 2013. And interestingly enough, while financially motivated breaches clearly dominate the cyber attack landscape, ISPs such as Verizon have found a staggering upward trajectory of espionage-related intrusions. As nation states and organized entities—from criminal syndicates to well-funded terrorist networks—enter the InfoSec disruption game, intellectual property theft and network sabotage become more prevalent.
It’s not like chief information officers and their InfoSec peers aren’t aware. But the inability of IT professionals to respond effectively is in alarming sync with a number of other troubling trends and realities, discussed prominently at the #GartnerSEC, but also frantically touched on throughout the evolving cybersecurity space. One dominant theme was the lack of coordination between the private and public sector. U.S. Cyber Command Gen. Keith Alexander offered keynote remarks that seemed more affable than muscular as the country’s top InfoSec official attempted to connect with InfoSec professionals in the room. In terms of destructive cyberattacks, “We’re not ready for that,” warned Alexander, who lamented shortly after that “industry and government are not working together.”
That disconnect is real on multiple levels. Alexander cheered on efforts by the NSA and described a cyber defense National Mission Force—yet, funny enough, nervous murmurs in the crowd were noted as he hyped the need to pass comprehensive cybersecurity legislation to authorize access into data that force is not yet authorized to see (sounds logical— but what do privacy advocates have to say about that?). And while Reps. Zoe Lofgren (D-CA) and Jason Chaffetz (R-UT), along with FCC Commissioner Mignon Clyburn, struggled to articulate Washington policy on mobile security in a POLITICO Future of Mobile event the last day of the Gartner summit, there were no visible signs of a Congressional presence at Gartner’s summit, barely a five-mile jump from Capitol Hill. As Chaffetz put it when responding to a question about whether lawmakers were keeping up with tech: “Are you kidding? There are very few people who understand.”
Charles Ellison is a senior analyst relations strategist for TEKsystems. He keeps close tabs on changes and public policy shaping the innovation space. He is also a former congressional staffer, senior aide to state and local elected officials and an expert advocacy strategist. You can reach him with questions and comments @twoARguys via Twitter.