FBI Director Robert Mueller told the U.S. House Permanent Select Committee on Intelligence this week that cyberthreats will equal or surpass the threat from counterterrorism in the relatively near future.
While that testimony was probably meant to justify further investments in the U.S. Department of Homeland Security, it does serve to throw a spotlight on how ill-prepared most organizations are to deal with such threats. The fact is most organizations are not prepared to deal with everyday power outages, never mind a systematic attack on the country’s digital infrastructure.
For that reason the folks at the International Council of Electronic Commerce Consultants (EC-Council) have been advising chief information security officers to start conducting “wargaming” exercises to get their organizations prepared for such an eventuality. In general, most battle plans fall apart 30 seconds after first contact with the enemy. But that doesn’t mean organizations shouldn't have at least the makings of a rudimentary backup plan for business continuity, and that backup plan should address not only cybercriminal activity but also cyberespionage.
Like it or not, businesses of all sizes are being targeted as part of ongoing efforts to steal intellectual property. You might think that only applies to a limited number of organizations, but it’s already been shown that hackers are targeting any company they think might give them a digital back-door into another organization that has something worthy of stealing.
It’s not clear yet whether this cold war is ever going to turn hot. But tempers are starting to flare while diplomats continue to negotiate. No matter what the outcome of those talks an ounce of cybersecurity prevention still goes a long way toward mitigating what can easily become a full-scale financial disaster.