Can we really safeguard the Nation’s Critical Infrastructure?
It’s the last full week of National Cybersecurity Awareness Month and this weeks focus is on the safeguarding of the Nation’s Critical Infrastructure. This is strengthening the shared commitment in protecting the vast networks and systems sustaining the nation’s communication, utilities, finance, transportation and agriculture sectors.
This themed month is about raising awareness surrounding the importance of safeguarding the nation’s critical infrastructure. It was originally created in order to promote and educate the public on cyber security issues and dangers of online attacks. In recent years, cybersecurity has become a bigger risk to everyone from individuals to companies, and governments. The World Economic Forum’s Global Risk Report 2018 named cyber attacks as the third top cause of a Global Risk, just behind natural disasters and catastrophic weather events. This continual shift in the global risk landscape presents challenges in the operation and investment environment for businesses. With an increasing pace of change in the advancements in technology, the world is becoming more interconnected. Social instability and the changing geopolitical landscapes are both creating new threats within the current technological landscape.
Critical infrastructure provides an essential service and the foundations to the nation’s security network. This relies upon technology and communications. In order to protect these networks and systems against cyber attacks, companies, organisations and individuals play a key role. To business leaders in more advanced economies, cyber attacks are perceived as one of the biggest global risks in this industry. Exposure to cyber attacks is also increased as companies become more dependent on different types of technology. As the number of connected devices grows, the expanse of surface in which cyber attacks can target also grows.
The rise in sophisticated cyber attacks is only going to accelerate due to the rise in geopolitical tension, in particular from well-sourced efforts with state backing. Managing the risk of cyber attacks is complex due to the varying industries which could be a potential target. The spectrum of risks encompass identity theft, interruption of business and disclosure of information.
Technology providers and companies are striving to develop solutions that can be applied across an entire technological stack in order to advance approaches to protecting the nation’s systems. Across all industries, there has been an increase in connectivity, for future protection, governments and industries need to work together in order to address the needs of our critical infrastructure.
The risk of cyber attacks is one of the biggest challenges facing the modern digital economy. The Geneva Association describe a cyber risk as “any risk emerging from the use of information and communications technology that compromises the confidentiality, availability or integrity of data or services. Its materialisation eventually leads to business disruption, (critical) infrastructure break down, and physical damage to humans and properties”. Some cyber attacks can lead to potential economic losses.
The awareness of the challenges is improving, with more people becoming aware of cyber attacks in general. The investment that companies are also putting into cyber-risk management is also increasing. Although this may be the case, cyber security and protection is still one of the most under resourced industries in comparison to the level of risk that it possesses. With this in mind, companies and businesses need to invest in more resilient solutions in order to prevent future attacks. For natural catastrophes, the “protection gap” has been narrowed to 70% from 78% during the last 30 years. Contrary to this decrease, most cyber losses remain uninsured, costing the global economy approximately $400bn every year. Worldwide, approximately 90% of the total losses acquired by cyber attacks are not covered by insurance, thus surpassing the protection gap associated with natural catastrophes.
Currently, we are at the forefront at a global digital revolution. We have become more and more dependent on technology, at both home and work, with most people embracing this change. The increased access that we now have to the internet is one of the driving forces behind the digital industry to growing at such a rapid rate. Although this growth in technology is to our benefit, this growth however, brings ongoing and developing dangers with it, from cybercriminals, ‘hacktivists’ and DDoS attacks.
The types of technology that we use on a daily basis are secure to a certain level. However, the introduction of 5G mobile broadband could power the Internet of Things and smart cities. As more devices start to connect to this network, cyber attacks may start to increase in, not only number, but also severity. The types of technology that we now use on a daily basis means that our cities and homes are becoming ‘smarter’, with all devices collecting and transmitting data; from traffic cameras, street lights, heating systems and doorbells. This network is only going to expand and get bigger as the 5G network is introduced, becoming the power source for critical infrastructure. Therefore, a cyber attack on the 5G network could impact and stop the country.
By 2020, there could be 75 billion Internet of Things devices connected to the internet. Whilst this better connectivity has opened up vast opportunities for users, it poses huge risks in terms of security. A large amount of these IoT devices, such as small temperature sensors, are relatively cheap and need to have a long battery life. Implementation in order to make these devices secure will push the price up as they will require more power. The likelihood of making the network secure is unlikely. For hackers, these insecure devices will be an easy target. Even large companies such as Google and Facebook who fork out billions on security, have both recently been hacked. If these companies cannot protect their systems with large amounts of investments, how are individuals expected to secure the large expanse of connected devices that people own? As individual devices are becoming more vulnerable, the whole network is at risk. This new 5G network is also going to be a cloud based network. This migration from a physical network to a virtual network, also brings with it more risks and threats as the network broadens. Two factor authentication will soon become the norm as users and our smartphones which work on a 5G network will become the key weapon against hackers.
In order to secure the nation’s critical infrastructure, the systems in place need to be highly resilient. Small scale attacks on infrastructure can have huge consequences. To protect themselves against prior to attacks, governments, companies and individuals need to have systems in place. Although the type and scale of future attacks is unknown, having the knowledge of previous attacks, can help prepare for what is to come.