Why governments should collaborate on cybersecurity

Earlier this year, the Biden-Harris Administration released the National Cybersecurity Strategy to ensure the safety of digital ecosystems for Americans. One of the tenets of the strategy was the rebalancing of responsibility for defending cyberspace by shifting the cybersecurity burden away from individuals, small businesses and local governments and onto the organizations best suited to reduce risks for all. 

While this was a firm first step toward protecting U.S. businesses and critical infrastructure, cybercrime has become the most lucrative business in the world today, and governments have thus far failed to take responsibility, leaving the private sector to handle cybercrime on its own. As we begin to see cooperation between state-run cybercrime activities and cybercrime groups that are allowed to operate within those states’ borders, cybercrime and nation-state defense strategies can no longer be separated.

It takes just one cybersecurity lapse

When it comes to business, all it takes is a single employee to make one mistake to expose their organization to potential threats. In March 2023, the same month the Biden-Harris Administration announced its National Cybersecurity Strategy, videoconferencing and business phone company 3CX suffered a breach caused by a software supply chain attack on a third party. A single employee downloading what they thought was a legitimate application — in this case, to track their personal stock portfolio — created a domino effect.

Unbeknownst to the employee, the application was infected with malware, which, once installed, would go on to disrupt two software supply chains. There are plenty of other stories about a single phishing email that provided entry for an attacker to launch ransomware or data extortion campaigns across an enterprise. While awareness training can help reduce these sorts of incidents, it can’t completely eliminate them.

With respect to critical infrastructure, our sources of electricity, energy and water, not to mention shipping routes and physical supply chains, are woefully under-protected and easily compromised. Look no further than the Colonial Pipeline hack of May 2021 to see how ransomware attacks can bring critical infrastructure to a complete halt. As the world becomes increasingly digitized, these legacy systems continue to operate on outdated security practices, meaning a large-scale cybersecurity incident could be only a matter of time.

Government action

Despite the ease with which cybercriminals are able to poison a network and hold a private organization hostage or dismantle critical infrastructure, governments haven’t used their full arsenal — and so, tools that are only held by state-level organizations are currently out of the playing field. For starters, the private sector can’t collect intelligence or mitigate threats at the source. They can only stop malicious actors after they’ve been attacked. Governments have a much larger scope and are capable of stopping an attack — or the attackers — at the source. 

To insulate themselves from threats and their potentially catastrophic impacts, like-minded governments must work together to address cybersecurity risks at the root. These nation-states need to consider creating new alliances that would identify and remediate vulnerabilities in our critical infrastructure, almost as if they were a new NATO for cybersecurity.

Too often, we think of mounting cyber-defenses like a tennis match, with the malicious actors on one side, lobbing and serving attacks at the defender. However, cyber-defenses must be much more collaborative. This means that everyone must do their part. Businesses must take steps to protect themselves and their customers from these threats, but wide-scale protection depends on intergovernmental cooperation.

Thus far, nation-states have failed to embrace the collaboration required to better secure their infrastructure, businesses and people. In fact, an argument could be made that we’re going backward, as various nations enact data privacy laws that can be contradictory and include stringent data hosting laws that do not necessarily improve threat response times or security as a whole. While there are some areas where governments have made strides, this is just one example of the many roadblocks toward establishing a NATO-esque organization for cybersecurity.

Toward an intergovernmental cybersecurity alliance

For an international alliance that addresses cyber threats to succeed, the organization must serve as a hub to centralize information, intelligence, strategy, operations, deterrence and punishment against cybercriminals. This involves three layers.

The first layer would be an Intelligence branch, which collects information about cybercriminal actors, methods, tools and attacks; it will be responsible for developing expertise on cybercriminals and their modus operandi, which all member countries can benefit from.

The second layer would be the policy and strategy branch, which develops best practices, guidelines and regulations as the foundation for a robust national cyber environment.

The third layer would be operations. This branch would mitigate major risks and take action to deter, punish and legally pursue cybercriminal actors.

We can’t wait for another Colonial Pipeline attack, let alone something much worse before nation-states decide it’s time to act. The time is now for governments across the world to come together and lay the groundwork for a cybersecurity-focused “NATO” that is wholly dedicated to working cooperatively to defend against, mitigate and reduce the impact of cyber-based threats. 

Asaf Kochan is cofounder and president of Sentra.

Originally appeared on: TheSpuzz