Cyber Warfare:  How Lack of Due Care, Due Diligence, and Negligence are Quickly Turning the World’s “Nightmare” into an Unwelcome Everyday Reality

It is October, and once more, we at Cyberwyze join our nation in observing the yearly Cybersecurity Awareness Month with hope and confidence for a more secure America, a luxury that we once took for granted, but not anymore; the difference is so obvious, as cyberwarfare rages on.

With the daily headline news, most times, highlighting information security breach, it is obvious to all of us now that cyber warfare is no longer a probability; it is now a global reality, more so for the United States government and its citizens.  However, the United States is more than capable to confront this monster and its perpetrators head-on and prevail.  This, also, is a reality.  Cyber warfare is no longer a “nightmare”, that can be wished away; rather it has become a complex, nagging headache that won’t go away with an over-the-counter medication.  Therefore, it demands to be ruthlessly responded to and eliminated, regardless of how long the battle rages on.  This is the reason the United States cannot relax until she has overwhelmingly helmed in all who are bent on destroying the U.S. government and its citizens regardless of the level of their “frequency and sophistication of intrusions into United States networks, and I confidently attest to the great job that the information security professionals in this nation are doing to stop this monster.

However, considering the frequent breaches and intrusions into our nation's networks, it is becoming increasingly disconcerting how the lack of due care, due diligence, and negligence continue to make all the efforts of some conscientious and selfless information security professionals nothing but a load of frustration.  Fair enough, the enormous number of daily attacks is enough to engender security fatigue, however, there is a maxim that wisely states that “he who is surrounded by adversaries is always on guard for his life”.  Therefore, to directly face this challenge effectively and prevail regardless of the daunting nature of this undertaking, the management and key stakeholders who are responsible for governance need to seriously and diligently ensure that every “t” is crossed and every “i” is dotted; nothing left undone with constant audit and monitoring of the activities occurring in their respective organization's networks.  Talk of going the extra mile all the time―that is exactly what the information security threat environment calls for, absolutely no dilly-dallying, or unnecessary bureaucracy.  This is war; it is either fight, with absolute vigilance, or die. Period.

The importance for the U. S. government to mandate putting in place sophisticated advanced persistent threats (APTs) and risk-mitigation strategies to detect backdoors, trojans, and malicious codes to protect all the nation’s computer networks, public and private, taking cue from what Microsoft and other computer technology companies have done for their organizations and supply chains can never be overemphasized .  These strategies must, of paramount importance, take into consideration speed as a frontline defense strategy as well as due diligence (extra care and vigilance 24/7) among other things if it plans to prevent any further intrusions into the nation's computer networks, both public and private including individual citizen's homes and businesses, and, of course, to remain the world leader in information technology.  This type of action is necessary to effectively guard against the theft of our sensitive information and destruction of our nation's critical infrastructure, logistical and operational plans, the commercial information and intellectual properties and trade secrets of her citizens and their businesses.

                So, without mincing words, I ask us, what will it take for us to wake up and smell the coffee, and understand the handwriting on the wall, and start taking the security of our nation’s assets and customers’ sensitive information seriously, and desist from mortgaging them at the altar of business margins or bottom line?  This nation can no longer condone negligence, and lack of due care and diligence, the most basic, non-technical house-keeping countermeasure in the cybersecurity domain, which is annoyingly and unacceptably so rampant within our organizations, as most have failed to put the security of their customers as a primary security responsibility, choosing rather to secure their bottom line at the expense of the source of their existence―their most valuable asset―customers and their information.  That is the reason that the recent information security breaches perpetrated on organizations such as Equifax, Yahoo, Target, to name a few, due to gross negligence and lack of due care and diligence is downright unacceptable, and must stop already!  Our nation has stringent information security laws, and now is the time to start seriously putting those laws into execution to waking up security-irresponsible organizations, because failure to do so becomes tantamount to aiding law breakers to the doom of this nation, that is already unimaginably under enormous millisecond-cyber-attacks daily.

Cybersecurity is everybody’s business, and the least that we all, responsible citizens and users of information and the cyberspace, can do, is to have a culture of due care and diligence, that goes a long way in the current cybersecurity threat environment to securing our assets and peace of mind to strengthen the efforts being made by security professionals in this nation to effectively combat and eradicate cybercrimes.  It is not enough to merely deploy and implement expensive security technologies, while shirking the responsibility of maintenance and conscientiousness (due care and diligence), which is what sets apart mediocrity and excellence; just as it would be futile and total waste of taxpayers’ money to build a road infrastructure, without the normal ongoing maintenance work.

The fact is that we are engaged in an unconventional warfare, and the American citizens need to understand it ; therefore, due care and diligence and active vigilance 24/7, is of utmost importance for achieving resilience, victory, and thriving over cyberwarfare; anything less will be self-defeating and very sad, because none of us would like the outcome, and that is the crux of the matter!