Preventing Another Sony-Style Cyberattack

Keith Alexander of Bloomberg View writes on insurancejournal.com, “Cyber-attacks against the U.S. are certain to increase. Countries that cannot or would not attack us physically will turn to cyber as a viable and lucrative alternative. Such attacks are easy to deny and extremely difficult to attribute. Sony is the latest and most explosive example of this trend, but it won’t be the last.”

He writes that the U.S. must learn from the Sony attack and use it as an opportunity to protect the country from further intrusions. To that end, Alexander writes, the country should focus on three major objectives in cyberspace. They are:

  • Improve our network infrastructure
  • Pass cybersecurity legislation
  • Work closely with our allies to defend against a global threat

Pertaining to his second point, Alexander also discusses a controversial bill. Here’s what he had to say in his article on insurancejournal.com:

“Unfortunately, current laws and policies impede this kind of co-operation. Companies can’t easily share information with the government about cyber-attacks. And the government often can’t assess attacks against companies and provide timely assistance. To counter this, we need clear legislative guidelines for sharing cybersecurity information between the government and the private sector, and liability protection for companies that do so. Along these lines, a bipartisan bill introduced in the last Congress, known as the Cyber Intelligence and Sharing Protection Act, is a good start.”

Though we can all agree there is a need for cybersecurity legislation, people will of course have differing opinions on the content of proposed laws. It’s important to be aware of what laws are being posed though, how extensive they are, what rights and protections they’ll offer. We encourage you to keep abreast of various approaches to cybersecurity legislation both here in the U.S. and around the world.

Alexander concludes:

“For any of these steps to work, we also have to make sure that the public is confident that their privacy and civil liberties aren’t being violated. That means having an open and transparent discussion about what protections are needed for any information-sharing plans between the public and private sectors, as well as the privacy risks the public now faces from cyber-attacks.

The attack against Sony was an attack against all of us. And our response should reflect this fact. We should use this opportunity develop our cybersecurity framework and pass legislation to improve our ability to defend against future attacks.”

 

To read more, here’s the original article: http://www.insurancejournal.com/news/national/2015/01/14/353988.htm