Page 105 - Cyber Defense eMagazine August 2023
P. 105

recommending  automated  continuous  validation  of  security  controls  to  protect  against  the  constantly
            evolving threat landscape.

            With this in mind, it’s worth taking a deeper look  at how cybercrime  and cyber  warfare have impacted
            government attitudes towards cybersecurity.



            What is cyber warfare?

            The term “cyber  warfare” is itself contentious.  There has been much  debate surrounding  its definition,
            with  some  experts  even  questioning  whether  we  can  truly  distinguish  between  cyber  warfare  and
            traditional warfare.

            However,  the  RAND  Corporation,  an  American  global  policy  think  tank,  does  give  us  a  reasonable
            working definition.

            “Cyber warfare involves the actions by a nation-state or international organization to attack and attempt
            to damage another nation's computers or information networks through, for example, computer viruses
                                                or denial-of-service  attacks.”

            Considering contemporary society’s near total reliance on computers and information networks, it’s easy
            to  see  why  governments  would  want  to  shore  up  their  defenses  against  potential  cyberattacks,
            particularly  at a time of geopolitical  unrest.  We have  already seen glimpses  of the havoc  cyberattacks
            can wreak on a nation’s infrastructure. The most memorable of these perhaps was the Colonial Pipeline
            incident in 2021, which caused gasoline prices in the US to skyrocket, sparked a wave of panic buying,
            and resulted in President Joe Biden declaring a state of emergency.



            How are government attitudes changing?


            As  previously  noted,  the  prospect  of  cyber  warfare  has  brought  about  important  changes  in  the  way
            governments  approach  cybersecurity.  The  US  government  has  long  emphasized  the  importance  of
            collaboration  between  the  private  and  public  sector  in  protecting  critical  national  infrastructure  (CNI).
            However,  the  2023  US  National  Cybersecurity  Strategy  puts  a  new,  much  stronger  emphasis  on
            regulation, expressing the need to:

               •  Establish cybersecurity regulations to secure critical infrastructure
               •  Harmonize and streamline new and existing regulations
               •  Enable regulated entities to afford security

            This is in stark contrast to the 2018 strategy that only mentions regulation  once in the entire forty page
            document,  and in fact, goes so far as to criticize the idea. The two documents  represent far more than
            the ideological differences of different administrations. They show how the federal government shifted its
            views on cybersecurity in response to significant, world-changing  events.








            Cyber Defense eMagazine – August 2023 Edition                                                                                                                                                                                                               105
            Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.
   100   101   102   103   104   105   106   107   108   109   110