Traditionally, physical security and cybersecurity have been considered two separate entities. The cybersecurity threat, while significant, was often relegated to the sphere of enterprises, individual privacy, intellectual property loss and financial theft. Physical security, on the other hand, meant potential risk to human safety and lives — and was naturally taken more seriously.
Initial investigation indicates that no encryption was used in planning the terrible Paris attacks. Regardless, these events have given new life to the discussion of how cyber means can serve as conduits for planning physical attacks. This discussion signifies a major sea change, in that cybersecurity and physical security have now effectively overlapped.
The cyber world levels the battlefield such that instead of military might, all you need is an Internet connection and an agenda to take on the mightiest nations on earth. In fact, if criminals have cyber access to a system or facility, physical security precautions can quickly be rendered useless.
In this new world, physical security is often at risk without an eye toward cybersecurity and effective monitoring. Our ability to monitor and gather intelligence in the cyber realm has to be agile enough to keep up with the speed and trends of new technologies and media forms that will inevitably be used for malicious means.
And yet, cybersecurity issues have been noticeably absent from most presidential candidate talking points. Beyond the increased physical/cyber connection — which is the most urgent — I predict the growth of several additional cyber-related threats in the coming year, which the candidates must understand and address as part of their comprehensive cybersecurity agendas. These include:
Ransomware Will Hit Mobile Phones. Imagine your mobile device is suddenly locked with no access to your data, and you’re forced to pay hackers to get a key. That’s ransomware, and in 2016 it will move into mobile phones.
Wearables And The IoT (Internet Of Things) Increase Mobile Threats. 2015’s big excitement over watches and IoT-connected devices has the potential to create a whole new set of security vulnerabilities, ripe for hacker attacks.
Security Talent Brain Drain. Cybersecurity is growing fast, and more dollars are pouring in, but the talent to make it all work is not keeping up. This shortage will lead to gaps in security, making organizations more vulnerable.
Anything Of Monetary Value Is Fair Game. The most visible threats of 2015 were against companies whose data could be turned into monetary gain. This will increase, with healthcare the most vulnerable industry, based on its lack of investment in security.
Citizens should be insisting that candidates clearly outline decisive plans for harnessing growing cyber threats.
I’m not suggesting that government leaders are ignoring the serious cybersecurity threats facing us. In fact, Hilary Clinton’s recent bid to Silicon Valley was a good start. But so far, the measures they’ve put in place have proven ineffective. Privacy issues aside, the recent Senate-approved CISA bill may help in analyzing breaches post-mortem, but it does very little to impede attacks before the fact.
Then there was the sham of the “Cyber Peace Treaty” White House meeting with China’s President Xi Jinping. This gesture was purely symbolic, as it only mandates that the two governments may not sponsor hacking, leaving much room for potential abuse. Currently, there’s no evidence that cyberattacks waned after this treaty.
It’s time for all U.S. citizens to require the candidates to acknowledge the U.S. is on the verge of losing the cyber war. Citizens should also be insisting that candidates clearly outline decisive plans for harnessing growing cyber threats, which increasingly threaten the safety of our nation and our people. And we all need to consider these plans before casting our votes. As citizens, it is our responsibility to not wait for a future event in order to start demanding answers.