McAfee just released its global cybersecurity report, which was done by SDA (Security and Defense Agenda), an independent security think tank and the results are chilling. The majority of experts believe we are in a cyber arms race, over a third believe (given the threat) that cybersecurity is more important than missile defense, nearly half think cyber attacks will have wide economic impact (up 8 percent from last year), and nearly half also believe that cybersecurity is as important as border security.
While it points to a global need to address this growing global problem and consensus to that need, the underlying politics of blame and control all but assure a global solution is beyond anyone's grasp. At the core of the problem is the typical bureaucratic issue that no one wants to accept the blame or the responsibilities necessary to mitigate the problem. This typically changes after there is a major breach that compromises high-placed politicians and with the increasing attacks both by governments against other governments and by Anonymous, who has been doing a nice job of showcasing just how unsecure everyone is.
This creates an untenable situation where the only time there will be an adequate response to a major cyber threat globally is after a global event and likely after many of the folks currently in office are removed or motivated to change their positions.
Let's highlight the problems, summarize McAfee's recommendations and suggest some others.
Cyber threats have become global with attackers operating across borders but where enforcement can't cross those borders to address the threat quickly enough to eliminate it. Typically, treaties exist between states that border each other to prevent the escape of criminals into those countries, but extradition can prove difficult even then, which focuses enforcement on catching them before they could leave. In a cyber landscape, the criminal never needs to enter the country where the crime is committed.