Month: January 2018

THE 2018 STATE OF THE DIGITAL UNION: THE SEVEN DEADLY SINS OF CYBER SECURITY WE MUST FACE

When President Barack Obama made his first State of the Union address, there were a series of key challenges for cyber security policy. There were increasing problems of state-linked intellectual property (IP) theft that, in the wake of incidents such as the hacking of the F-35 fighter jet program, were becoming both an economic and national security issue, clouding Sino-American relations. There were growing worries about such ills as transnational criminal networks harming trust in the growing e-commerce marketplace, as well as botnets threatening to clog the “pipes” of cyberspace. Cyber warfare was starting to emerge as a real realm of conflict, with demands for the U.S. military to figure out how it was going to train, recruit, budget and organize for digital operations. And, there were concerns about privacy and state surveillance, but in those halcyon pre-Snowden disclosure days, they were framed mostly around such issues as China’s hacking of Google networks. These concerns would then animate a series of cyber security programs and activities over the next years of the Obama administration, with mixed success. They ranged from the launch of bilateral talks with China that would culminate in a new agreement on IP theft, to the launch of new efforts to set cyber security standards for both American business and global politics, to new revelations and battlelines of privacy and surveillance, to the creation of an entire new military organization for fighting in cyberspace, U.S. Cyber Command. Obviously, we are...

War room to boardroom: The new era of cybersecurity

Facebook’s hire of its first ever head of cybersecurity policy is recognition that protecting corporations from foreign hacking is an increasingly serious matter. Sophisticated cyber threats presented by state-sponsored actors have long challenged sensitive United States government computer networks. What’s new — as Facebook’s move indicates — is that these complex state-sponsored cyberattacks are now also threatening America’s leading companies to a larger extent than ever. The resources, skill and complexity posed by hackers managed by Russian intelligence agencies, for instance, far surpass the motivations and abilities of typical cyber criminals. In this new era, U.S. companies must bolster their defenses and leverage advanced cyber tools designed to stop state-sponsored attacks. The mounting threat against American commerce — the bread and butter of America — must be addressed. It’s not business as usual anymore. While Russia is not the only state engaging in these activities, its cyber operations are relatively known. Unable to dominate in conventional military terms, Russia views cyber operations as an affordable way to disrupt its adversaries. As part of this effort, Russia has increasingly targeted civil and commercial computer networks. This includes measures to cripple critical infrastructure, financial networks, and internet services and capture proprietary data or sensitive communications, such as a CEO’s emails. While working at the Pentagon, I saw firsthand how Russia tested these capabilities in Ukraine as major coordinated cyber intrusions shut down power grids, interrupted television broadcasts and generally...

Cyber security salaries will rise 7% in 2018, says research

Salaries for cyber security specialists are set to rise in 2018, according to a salary survey by recruitment firm Robert Walters. The research found roles related to cyber security in the UK will see an average pay rise of 7% this year, one of the highest salary increases for IT-based roles. Ahsan Iqbal, associate director at Robert Walters, said IT professionals have been increasingly demanding higher wages when moving jobs. “At this point, salaries for IT professionals are highly inflated, with employers having to compete to secure top talent. In this context, the increases for cyber security specialists are particularly noteworthy,” he added. The increasing investment in cyber security professionals across all industries has often been attributed to the growing number of high-profile cyber attacks over the past year, which have brought attention to the importance of being prepared for these occurrences. In London, a professional in a head of information security role with 10 or more years of experience can expect an annual salary of between £105,000 and £170,000 a year – an increase on a London-based head of information security salary of between £95,000 and £155,000 in 2017. Though the annual salaries for these roles in other parts of the UK, such as the Midlands and the North of England, are lower on average, there has still been a significant increase in the total yearly remuneration for cyber-based roles from 2017...

Spotlight: Israeli cybersecurity firms keen on exploring Chinese market

China’s growing cybersecurity market has attracted more attention from global companies including those from Israel, which is strong in the cybersecurity sector. The Chinese cybersecurity market is huge and growing, not only because of its huge population of computer users, but also its deepening connection with the digital world, said Jony Fischbein, head of the Technical Marketing & Innovation of Check Point Software Technologies Ltd., the largest network cybersecurity vendor globally. During an interview with Xinhua at the Cybertech 2018 being held in Tel Aviv, Fischbein said his company is “more than keen to cooperate with Chinese partners on how to protect the next wave of cyber attacks.” As the cyber world becomes increasingly connected, the risks of more advanced attacks disrupting the cyberspace are no longer science fiction. Protecting cyber security and order requires global cooperation, especially when the world is being connected in the era of the IoT (Internet of things), most experts and industrial leaders attending the Cybertech 2018 agreed. Yigal Unna, director general of Israel’s National Cyber Directorate in the Prime Minister’s Office, emphasized the importance of global cooperation in the cybersecurity sector. One of the important solutions is the establishment of an international cyber coalition, because the cyber threats affect the entire world, and so are the ways of dealing with them, Unna said. Unna pointed out that it is important to identify early...

Laissez-faire cyber security: what could go wrong?

If you saw the news about fitness tracker Strava revealing secure government buildings and thought ‘someone would have told me if there was a risk to my organisation’, this article is for you. Hands up if you don’t really understand half of what people are saying about cyber security? It’s OK to admit that. The public service needs to be a safe place for executives to say ‘I don’t understand this, can I get a briefing that’s at my knowledge level?’ Can we expect that a public service leader, with deep policy and delivery expertise in their field or a career spent honing their organisational strategy and management skills, has found time to become a Tor expert or master of the dark web? Perhaps after ensuring the kids got to school on time. Besides, nearly every jurisdiction in Australia now has a whole-of-government chief digital officer, isn’t all this their responsibility? And there are departmental CIOs too. And the federal government has a whole agency on it. Surely that’s enough eyes. Sadly, this has been the assumption, and it’s had terrible consequences. This is where governments’ laissez-faire approach to cyber responsibility has got us: delivery agencies, depended on by millions of Australians, implausibly claim they’ve had no cyber attacks. ‘No cyber attacks’ …and you believe that? Let’s pick on Australia’s largest state. New South Wales has nearly 400,000 public sector employees...
