#22 – CYBER SECURITY – #1 GLOBAL THREAT – GREG HUTCHINS

Greg Hutchins pixGen. Fang Fenghui, chief of staff of the China’s People’s Liberation Army said:

Cyberattacks could be “as serious as a nuclear bomb” (The Wall Street Journal  China: Cyber Attacks Are Like Nuclear Bombs.’ April 22, 2013).

The U.S. Director of National Intelligence, James R. Clapper recently announced:

“The growing use of cyber capabilities to achieve strategic goals is also outpacing the development of a shared understanding of norms of behavior, increasing the chances for miscalculations and misunderstandings that could lead to unintended escalation. (“Worldwide Threat Assessment of the US Intelligence Community” March 12, 2013.)

CYBER THREAT
Both statements describe what is commonly perceived as the top global threat – cyber attacks and cyber espionage.  The challenge is that our abilities to mitigate and respond are beyond our social, management, and technological systems. And, it’s a global threat not from nation-states, but more often from rogue groups or individuals.

The future of warfare is not going to be tanks, artillery units, or naval platforms.  It’s going to be cyber warfare or what is more commonly called cyber asymmetric warfare against civilian populations using a nation’s critical infrastructure as the weapon of choice.

What would this warfare look like?  A civilian combatant, such as a hacker, would attempt to enter a routable access point or open port through a business system.  The system could lead to a industrial control system such as at a water purification, nuclear, chemical, or electric power plant.  The hacker would then over ride the  plant controls to self destruct the plant. For example, could you imagine a hacker controlling the rods in a power plant and closing the cooling valves.  Think Fukushima nuclear plant melt down.  Not good!

CRITICAL INFRASTRUCTURE PROTECTION (CIP) RISK FRAMEWORKS
President Obama issued Executive Order 13636 “Improving Critical Infrastructure Cyber security” on February 12, 2013.  The directive requires the development of a cyber security framework, which will provide a “prioritized, flexible, repeatable, performance-based, and cost-effective approach’ for assisting critical enterprises to manage cyber security risk.”

Cyber security is a risk that all organizations must address.  All companies have to worry about making payroll, managing suppliers, and securing their confidential information.  The value of most companies now resides not in their brick and mortar but in their intellectual property.

And, cyber security  is also a critical issue for all individuals.  Not sure?  What would you do if your computer was hacked and you lost all its information?  And worse, what would you do if you hadn’t backed up your files.  Hmm.  Could you work?  Or, what would you do if someone hacked your bank account and zeroed it out.  We hope that your financial institution would insure your loss.  And, cyber security is a global issue that impacts all governments, organizations, and individuals.

HOW TO GET MORE INFORMATION
So, in the near future, we’re all going to be cyber risk managers. We’re going to be discussing this through the fall in CERM Risk Insights.

Bio:

Greg Hutchins PE and CERM (503.233.101 & GregH@QualityPlusEngineering.com)  is the founder of:

CERMAcademy.com
800Compete.com
QualityPlusEngineering.com

WorkingIt.com

He is the evangelist behind Future of Quality: Risk®.  He is currently working on the Future of Work and machine learning projects.

He is a frequent speaker and expert on Supply Chain Risk Management and cyber security.  His current books available on all platform are shown below:

 

Leave a Reply

Your email address will not be published. Required fields are marked *