Page 105 - Cyber Defense eMagazine August 2023
P. 105
recommending automated continuous validation of security controls to protect against the constantly
evolving threat landscape.
With this in mind, it’s worth taking a deeper look at how cybercrime and cyber warfare have impacted
government attitudes towards cybersecurity.
What is cyber warfare?
The term “cyber warfare” is itself contentious. There has been much debate surrounding its definition,
with some experts even questioning whether we can truly distinguish between cyber warfare and
traditional warfare.
However, the RAND Corporation, an American global policy think tank, does give us a reasonable
working definition.
“Cyber warfare involves the actions by a nation-state or international organization to attack and attempt
to damage another nation's computers or information networks through, for example, computer viruses
or denial-of-service attacks.”
Considering contemporary society’s near total reliance on computers and information networks, it’s easy
to see why governments would want to shore up their defenses against potential cyberattacks,
particularly at a time of geopolitical unrest. We have already seen glimpses of the havoc cyberattacks
can wreak on a nation’s infrastructure. The most memorable of these perhaps was the Colonial Pipeline
incident in 2021, which caused gasoline prices in the US to skyrocket, sparked a wave of panic buying,
and resulted in President Joe Biden declaring a state of emergency.
How are government attitudes changing?
As previously noted, the prospect of cyber warfare has brought about important changes in the way
governments approach cybersecurity. The US government has long emphasized the importance of
collaboration between the private and public sector in protecting critical national infrastructure (CNI).
However, the 2023 US National Cybersecurity Strategy puts a new, much stronger emphasis on
regulation, expressing the need to:
• Establish cybersecurity regulations to secure critical infrastructure
• Harmonize and streamline new and existing regulations
• Enable regulated entities to afford security
This is in stark contrast to the 2018 strategy that only mentions regulation once in the entire forty page
document, and in fact, goes so far as to criticize the idea. The two documents represent far more than
the ideological differences of different administrations. They show how the federal government shifted its
views on cybersecurity in response to significant, world-changing events.
Cyber Defense eMagazine – August 2023 Edition 105
Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.