Cybersecurity Lessons from 2020

It has been two weeks, and 2020 is still teaching us some harsh lessons. In terms of cybersecurity, it was probably the most lucrative year ever for hackers. The Washington Post writes that the total losses to hacking and Internet-based fraud surpassed $1 trillion USD. Compare that to the global oil market’s value of $3.3 trillion, or the technology industry’s $4.8 trillion. What’s up with that? How can crime compete at scale with some of the largest industries, seemingly without contest?

There are a lot of factors that can go into answering that question. Conventional wisdom holds that cybersecurity is a technological problem that demands a technical solution. Reality, however, indicates that there is far more than just technology that needs to go into answering why hacking happens, why it’s so hard to prevent, and why it’s so successful.

Along with technology, this blog will look at the social, philosophical, and real-world aspects that define cybersecurity, and in particular, we will look at how community cooperation can be a potent defence against cyber-threats.

The community defence

In an era defined by its divisive fractiousness and hyper competitiveness, it might be surprising to find that behaviours in cyberspace are trending towards cooperation and community. Behaviours like disclosure, aid, cooperation, and advocacy are appearing more frequently. Centurion Cyber Defence believes that community is a fundamental aspect of a successful cybersecurity strategy. This is not empty ideology, but rather a pragmatic approach. 2020’s SolarWinds Orion hack demonstrates that vendor attacks – which can impact an entire ecosystem of business – are not just possible but devastating.

The response to Orion, when it came, was a concerted effort from affected platforms, organizations, and fellow vendors, to contain the damage and prevent further proliferation. The response was eerily similar to a community response to a criminal act. To this day, analysis of the Orion hack is ongoing and being disclosed daily, with solutions and patches coming down almost as fast as the vulnerabilities are being found. The big lesson: business doesn’t exist in isolation. An attack on any vendor can quickly become an attack against all of their clients.

Cynically, one could look at this as a blame-worthy single point of failure. A wiser opinion is that “singular” points like this exist all throughout a column of networked businesses, akin to a leaking dam. Plug one hole, four more open.

The key is not to be the only one looking for holes, nor to be caught alone when the dam occasionally bursts.

Sharing the burden

There is an aphorism that says, “faster alone, further together,” and so it is with cybersecurity as well. It is easier and more straightforward for every organization to build up their own capacity to the best of their abilities, but doing so ensures that hackers will maintain the advantage, with nothing to stop the same techniques from being used over and over.

By working together, strategies and responses can be assembled based on information shared between community members. At present, this means that post-mortem information and patches can be put together rapidly after an incident. In the future, it may mean that countermeasures precede an attack, thanks to early detection and disclosure.

Building up

How does one join a cyber-community? It’s not an elusive club that needs to be uncovered to join. Businesses often develop networks naturally, and from there it is simply a matter of injecting cyber-awareness into day-to-day conversations and dealings. Consider your network. How would you describe their cyber-awareness? Is cybersecurity something that gets discussed as part of business plans? If not, why?

Conversely, how would you feel if a business offer included opportunities to collaborate on cybersecurity? Some would scoff, but such arrangements are becoming more common as organizations beef up their efforts to combat hackers.