The advent of the Internet, and our ever-increasing reliance on it, has created a brand new type of warfare — cyber warfare. Today, U.S. companies and government agencies must contend with cyber attacks from enemies such as Russia, China, Iran, and North Korea as well as attacks from individual cybercriminals all over the world. Stopping these attacks is essential for protecting the security of the United States as well as protecting the sensitive data and intellectual property of U.S. companies.
Thankfully, the United States government has taken the threat of this dangerous new digital battlefield seriously and is beefing up its efforts to crack down on digital terrorism. To stop these cyber attacks, the U.S. relies on a combination of active and passive defense measures.
Passive vs Active Defense
Passive defense measures are essentially target hardening and are designed to make it more difficult for an attacker to successfully breach their target. For example, passive defense measures may include things such as encryptions, firewalls, and breach detection systems that bolster the defense of a company or organization’s network.
While these defenses can be quite effective, the issue with relying on passive defense alone is that passive defense does nothing to discourage an attacker – they can simply keep trying until they eventually break through.
Active defense measures, however, are designed to make attackers think twice about targeting a U.S. company or government agency. Active defense measures entail highlighting the source of an attack and levying consequences against the attacker such as prison time if the attacker is an individual or more nuanced actions such as sanctions if the attacker is a foreign government.
Starting in 2017, government agencies were also required to adopt the cybersecurity framework developed by the National Institute of Standards and Technology that is designed to help these organizations assess and manage their risk.
The Future of Cybersecurity
The combination of bolstering U.S. cybersecurity and going after those who try to breach it makes for a relatively effective cyberwarfare strategy. However, we’ve still got a lot of work to do. The digital sphere has already emerged as one of the most important battlegrounds in the world today, and as our reliance on the internet continues to grow, protecting the online data and operations of U.S. companies and organizations will grow increasingly important as well.
It falls to leaders within the United States government and military as well as private companies to recognize the importance of stopping digital terrorism and continue developing the technologies and strategies necessary to defend against it.
Troy Barnes is the CEO of RRDS, a federal defense contractor based in Irvine, Calif.