On October 26, 2016, the Greater Houston Partnership proudly hosted a “Cybersecurity: Corporate Governance and Risk Management” breakfast at Partnership Tower in downtown Houston. Thanks to all of our participants, the event was a great success.
One highlight of the gathering was the address given by Michael McCaul, a U.S. Congressman and Chairman of the House Homeland Security Committee. Chair McCaul provided a wide-ranging discussion of the state of cybersecurity in the U.S. His topics included current and potential threats to cybersecurity in the U.S., possible means to combat these threats, and the importance of emphasizing STEM education to keep America’s competitive edge in the tech industry.
In discussing current threats to cybersecurity, Chairman McCaul noted that some attacks originated outside the U.S. As an example, he cited the Russian attacks on Home Depot with the aim to steal credit card numbers as well as the North Korean hack of Sony.
McCaul brought up an interesting challenge to responding to such attacks. Currently, there aren’t any clearly defined national or international normative definitions for what constitutes an act of war in the realm of cyber attacks. McCaul cited the examples of a Russian cyberattack on electric grids in the Ukraine or North Korea’s attack on Sony. Do such attacks count as an act of cyberwarfare? If so, what is a proportionate response? In order to properly deal with such attacks, we must develop clear definitions for these acts and formulate consistent responses.
McCaul warned that we must also remain vigilant about domestic threats to cyber security. As an example of how damaging such threats can be, he referenced the release of documents by Edward Snowden, who was an NSA contractor. In terms of domestic attacks on large and small networks, McCaul mentioned recent ransomware attacks such as those leveled against U.S. hospitals. Back in July, I wrote about ransomware and suggested ways for companies to protect themselves against it. In my article, I emphasized the vital role of cyber-hygiene as the best line of defense. McCaul acknowledged that such practices could prevent up to 90% of ransomware assaults.
Although McCaul praised the overwhelmingly beneficial aspects of the information-sharing made possible through the internet, he also acknowledged the dark side of this ability to disseminate information across the globe. He discussed the way Jihadist organizations such as ISIS have successfully radicalized individuals across the world through the internet and social media. He also stated that such groups make successful use of encryption apps, making it harder for organizations like the NSA and FBI to surveil these organizations and anticipate their attacks. Furthermore, McCaul noted that an effective counter-narrative to stop such radical propaganda is essential. He emphasized that assistance from social media organizations like Twitter and Facebook will be vital in carrying out such a message.
To address existing and emerging threats, we must retain knowledgeable and talented professionals skilled in tech and cybersecurity in the United States. One way to develop such a talent pool, according to McCaul, is to emphasize STEM education here in the U.S. He noted the growing demand for tech professionals in the private sector and government agencies such as the FBI, TSA, and NSA. If the U.S. wants to maintain a competitive edge in technology, McCaul suggested we must convince tech professionals from other countries that are educated in America to stay in the country.
Furthermore, McCaul remarked that government and private enterprise must ally themselves in order to maintain a technological advantage. Private tech industry and government agencies can combat cyber fraud by keeping channels of communication open and sharing information. To this end, McCaul co-sponsored the Leveraging Emerging Technologies Act, which he mentioned in his address. The act directs government agencies to collaborate with tech companies, both large and small, as a way of responding to a homeland security needs. Toward the end of his address, McCaul also suggested that it is necessary to consider innovative ways of using the considerable talent in America’s tech industry to help maintain national security. For example, he posed the idea of a kind of National Guard of tech professionals that work in private industry but could be called upon in the event of threats to national cybersecurity.
This luncheon, sponsored by the Greater Houston Partnership, provided another exciting opportunity for business leaders in various industries to learn about the current state of cyber security. We look forward to future events that help us remain vigilance against the constantly evolving threats posed by cyber attacks to our community.
Umesh Verma is the award-winning CEO and driving force behind Blue Lance, the global provider of cybersecurity governance solutions. For more than 25 years, Blue Lance’s automated software solutions have been protecting digitally managed corporate assets by assessing, remediating, and monitoring security of information systems. Call Blue Lance at 1-800-856-2586 for your 25-point credentials assessment, or get social with us on LinkedIn, Facebook, or Twitter.