By Damon Fleury
While the threat of cyber attacks is nothing new, the realization that a major attack could happen to any business, regardless of size or industry, is taking up increasing space on leadership radars. As companies collect more data and deepen dependence on digital networks and systems, all organizations fall into the category of targets. What’s more disturbing is the wide variety of attacks that companies must worry about now. Data breaches, malware and ransomware are all making news headlines with frustrating regularity. Criminal motivation is being fueled by cyber crime’s staggering potential for monetary gain with payoffs that exceed all other illegal activity combined. The result is businesses are facing daunting adversaries in the form of sophisticated crime rings and nation states, and the reality is many organizations don’t have the resources to successfully take on this level of threat.
Cue breach fatigue
A growing attitude when it comes to cybersecurity is that it’s not a matter of “if,” it’s a matter of “when.” It’s easy to continue with business-as-usual because we simply don’t know what to do about the challenge despite the escalating warnings about the seriousness of cyber crime. Even Warren Buffett has said that cyber attacks are among the greatest threats facing mankind, on par with biological warfare. It’s a level that we’ve never experienced before making it difficult to even grasp and place in context.
Defending against cyber attack can seem like a hopeless battle, but it doesn’t have to be. The U.S. Military has been playing in this high stakes arena against advanced threats for the past several decades, which is good news for commercial organizations and local governments that need to significantly strengthen their cybersecurity game. There are best practices that have already been proven effective in highly adversarial situations, and fortunately, many of these methodologies can be replicated by most businesses.
The military has devoted significant resources to tackling the globe’s most dangerous cyber threats and already understands the full scope and context of the challenges. While much of the military’s methodologies remain proprietary for good reason, there are military veterans who have transitioned into the commercial sector and who can share many of the effective tactics and practices to help businesses successfully protect their data, networks and profits.
With a little bit of research and knowledge seeking, you can find some helpful military-based resources to help guide your cybersecurity plan. An example is a report that the Department of Defense, Defense Science Board published titled Resilient Military Systems and the Advanced Cyber Threat. Another good resource for military-grade cybersecurity insight is content developed by companies that have been founded by military cybersecurity veterans.
A wise adage is never take advice from anyone that can’t demonstrate the results you want. The reverse is true. For guidance, look to those who have the results you want. In cybersecurity, the military offers a pretty strong path to follow.