A top official within the Office of the Director of National Intelligence’s (ODNI) Cyber Threat Intelligence Integration Center (CTIIC) painted a vivid picture today of the modern cyber landscape, and how the threat has evolved over the past decade to include both nation-state and non-aligned adversaries.
“I would like to give a sense of a larger inflection in the landscape,” CTIIC Deputy Director Dana Madsen said today during the Rubrik Public Sector Virtual Summit powered by MeriTalk, “and that’s an evolution over the past decade from what has historically been a key concern in cyber: cyber espionage – the theft of intellectual property and proprietary data – to the emergence of cyberattack as a co-equal concern.”
“It’s not that cyber espionage has gone away, it’s just that the landscape has become more complex, we have more to worry about – both attack and espionage – and we have a greater proliferation of actors out there,” Madsen said.
The CTIIC deputy noted the “usual suspects” of threat actors represented by nation-states including Russia, Iran, and China, but also highlighted that the cyber threat from non-state actors has grown exponentially.
These types of groups are using low-sophistication techniques to affect physical processes through cyber means, Madsen explained.
“These actors are opportunistic in nature,” he said. “They scan the internet, they identify systems that are vulnerable, and they are exploiting things like weak password security, lack of updated software – basically shortfalls in cyber hygiene to cause opportunistic effects.”
He continued, “You can imagine the risk to public health and safety if they’re conducting activity, for example, that targets the water sector.”
In light of the complexity of the evolving cyber threat landscape, Madsen offered up three actions organizations should take to better secure their systems.
“Recognize that you’re a potential target, and this is important if you’re in sectors that have historically not been targeted,” Madsen offered as the first piece of advice. “This is by virtue of being connected to the internet.”
“Second, I think, given this environment, it’s important for organizations to think about how they balance cyber risk,” Madsen said. “They need to be able to think about what’s the risk that they face … and then translate that risk into business terms so the senior executives can make the right tradeoffs between the cyber and other dynamics that are important to driving a business or driving a Federal, state, or local government entity.”
“And then finally, I’ll highlight cyber hygiene and data resilience as being very important,” he concluded. “Cyber hygiene bolsters your resilience to these types of actors, as does the data resilience, and also makes it easier to recover when [attacks] happen.”
