October 1, 2016

Jonathan Reiber Op-Ed: Withstanding a Cyberattack

News, Publications

Jonathan Reiber, Senior Fellow with the Center for Long-Term Cybersecurity, recently published an op-ed in Mint, a business publication in India, entitled “How to Withstand a Cyberattack.”

“Today, our reliance on the Internet potentially presents what British sociologist Anthony Giddens terms a ‘high consequence risk’,” he writes. “The technology that runs our world, our tightly coupled urban populations, and our globally interconnected systems mean that smaller groups can have an impact disproportionate to their size. The question thus becomes, how do we prevent such risks from occurring? More importantly, how do we withstand them when they do?”

In his op-ed, Reiber argues that we should work toward a future where “organizations can work together to create cultures of cybersecurity that take root until our most vital systems and missions are secured and our societies made more resilient to potential attacks.”

To get there, he says, requires a combination of technology and culture change. “The most important part of our cybersecurity story is not technology: it’s people,” Reiber writes. Among his recommendations:

Build a Strategy: “Every data-dependent organization needs some kind of cyberstrategy to manage its workforce and protect its interests.”

Nail the Basics: Organizations need to foster “cultures that reject…poor security practices…, opting instead for multi-factor authentication, strong passwords for access, and encryption for data at rest and data in motion.”

Public-Private Collaboration is Key: “Leaders in government and the private sector need to work together to prevent and respond to cyberattacks…. Governments must work with the private sector to communicate about intrusions and determine appropriate response options to blunt ongoing attacks and prevent future incidents.”

Focus on Resilience: “Companies should identify the potential impacts of major operational disruptions on their infrastructure, such as the loss or disruption of banking data, and invest in measures to continue operations if the event of an incident.”

Click here to read the full op-ed.