Cyber protection is no longer optional. The future is now, and the war in Ukraine has escalated the threat of destructive ransomware attacks to an all-time high.
“You think about the effect of a single piece of malware. Russia literally doesn’t have tens or hundreds of thousands of cyber tools they could launch,” said Sen. Mark Warner (D-VA) .
The intelligence community says it is focusing on four potential scenarios.
“We’re very, very focused on ransomware actors who could be carrying out attacks against our allies or our nation. We’re very, very focused on a type of cyber activity that is perhaps designed for Ukraine and spreads more widely in other countries. Third, is any type of attack that an adversary would carry out against an ally. And finally, certainly our critical infrastructure,” said NSA Director General Paul Nakasone.
As the United States focuses on defense, private companies and government agencies are on the attack, trying to hire nearly 600,000 people for cybersecurity.
“We have a lot of gaps to fill, and there are a lot of holes that can be explored by malicious actors in cyberspace,” said Jason Blessing, visiting fellow Jeane Kirkpatrick and cybersecurity expert at American Enterprise. Institute.
Blessing told CBN News that when it comes to this critical area, the public and private sectors share responsibility for protecting national security. A failure at either end could have disastrous consequences.
“In today’s society, everything is connected, everything is interdependent, and therefore everything is potentially vulnerable,” Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA), told Congress recently.
CISA is tasked with key roles such as prevention and emergency response, but Easterly struggles to keep his agency fully staffed.
“We did a careful analysis of all the 20 steps it takes to hire someone in the federal government, which is way too expensive. We were able to cut the number of days it takes to hire someone by 13%, but that’s is still too long, it’s over 200,” Easterly testified.
Another challenge: competing with private sector salaries.
“At the end of the day, people want to come to CISA to defend their nation, but given the competitive environment, we also want to be able to pay closer to the market,” Easterly said.
Yet experts say the biggest global problem is that there aren’t enough qualified people to fill all the vacancies.
“In 2019 in the United States, you had about just under 50,000 people who…had a master’s degree in computer science. And basically, if you want to do cybersecurity, you have to have those kinds of skills” , said Kwame Yamgnane, the founder of Qwasar.
The numbers just don’t add up: 50,000 people to fill almost 600,000 jobs. So the tech industry is trying to help fill the void. Microsoft, for example, offers a free cybersecurity program to all public community colleges.
“Basically, like 70% of all students in the United States are in community colleges … so community colleges have a very important role in being able to provide enough training, enough learning for learners, to be able to satisfy the workforce. ‘work,’ Yamgnane told CBN News.
He noted that another problem is finding experienced educators to teach these skills.
“If you live, say, in the bay or the peninsula in California, and you’re really good at computers, you get a six-figure job somewhere like Facebook or Google… So why would you be a teacher? in a community college?” asked Yamgnane.
His company, Qwasar, offers courses for community college instructors, allowing them to teach what their students need.
“Our job is to be able to provide anyone with enough training to at least have all the basics they need to be able to protect our free world,” Yamgnane said.
The harsh reality is that there is no immediate solution. In the meantime, however, the average American can be an important first line of defense against a cyberattack.
“You want to make sure your online presence is cleaned up, so that means enabling multi-factor authentication, either via SMS or temporary links for your banking or other online services. password that uses local encryption so you can just plug it into your browser and it will secure and help you have stronger passwords and just be aware of when, where and who you get messages from “said Blessing.
According to Deloitte, 91% of cyberattacks begin with a phishing email, a message designed to trick unsuspecting employees into divulging sensitive information.
The bottom line, then, is that protecting sensitive data is no longer the sole responsibility of highly trained cybersecurity professionals, it’s a job for all of us.