By: Denise Simon | Founders Code
Go here for the Forum Part One
Go here for the Forum Part Two
Fascinating speakers from private industry, state government and the Federal government describe where we are, the history on cyber threats and how fast, meaning hour by hour the speed at which real hacks, intrusions or compromise happens.
David Hoge of NSA’s Threat Security Operations Center for non-classified hosts worldwide describes the global reach of NSA including the FBI, DHS and the Department of Defense.
When the Federal government spends $76 billion in 2017 and we are in much the same condition today as we were then, Hoge stays awake at night.
With North Korea in the news constantly, FireEye published a report in 2017 known as APT37 (Reaper): The Overlooked North Korea Actor. North Korea is hardly the worst actor. Others include Russia, China, Iran and proxies.
Targeting: With North Korea primarily South Korea – though also Japan, Vietnam and the Middle East – in various industry verticals, including chemicals, electronics, manufacturing, aerospace, automotive, and healthcare.
Initial Infection Tactics: Social engineering tactics tailored specifically to desired targets, strategic web compromises typical of targeted cyber espionage operations, and the use of torrent file-sharing sites to distribute malware more indiscriminately.
Exploited Vulnerabilities: Frequent exploitation of vulnerabilities in Hangul Word Processor (HWP), as well as Adobe Flash. The group has demonstrated access to zero-day vulnerabilities (CVE-2018-0802), and the ability to incorporate them into operations.
Command and Control Infrastructure: Compromised servers, messaging platforms, and cloud service providers to avoid detection. The group has shown increasing sophistication by improving their operational security over time.
Malware: A diverse suite of malware for initial intrusion and exfiltration. Along with custom malware used for espionage purposes, APT37 also has access to destructive malware.
More information on this threat actor is found in our report, APT37 (Reaper): The Overlooked North Korean Actor.
Beyond NSA, DHS, as with other agencies, has cyber divisions. The DHS cyber strategy is found here. The fact sheet has 5 pillars:
DHS CYBERSECURITY GOALS
Goal 1: Assess Evolving Cybersecurity Risks.
We will understand the evolving national cybersecurity risk posture to inform and prioritize risk management activities.
Goal 2: Protect Federal Government Information Systems.
We will reduce vulnerabilities of federal agencies to ensure they achieve an adequate level of cybersecurity.
Goal 3: Protect Critical Infrastructure.
We will partner with key stakeholders to ensure that national cybersecurity risks are adequately managed.
Goal 4: Prevent and Disrupt Criminal Use of Cyberspace.
We will reduce cyber threats by countering transnational criminal organizations and sophisticated cyber criminals.
Goal 5: Respond Effectively to Cyber Incidents.
We will minimize consequences from potentially significant cyber incidents through coordinated community-wide response efforts.
Goal 6: Strengthen the Security and Reliability of the Cyber Ecosystem.
We will support policies and activities that enable improved global cybersecurity risk management.
Goal 7: Improve Management of DHS Cybersecurity Activities.
We will execute our departmental cybersecurity efforts in an integrated and prioritized way.
Related reading:National Protection and Programs Directorate
NPPD’s vision is a safe, secure, and resilient infrastructure where the American way of life can thrive. NPPD leads the national effort to protect and enhance the resilience of the nation’s physical and cyber infrastructure.
*** Going forward as devices are invented and added to the Internet and rogue nations, along with criminal actors, the industry is forecasted to expand with experts and costs.
Research reveals in its new report that organizations are expected to increase spending on IT security by almost 9% by 2018 to safeguard their cyberspaces, leading to big growth rates in the global markets for cyber security.
The cyber security market comprises companies that provide products and services to improve security measures for IT assets, data and privacy across different domains such as IT, telecom and industrial sectors.
The global cyber security market should reach $85.3 billion and $187.1 billion in 2016 and 2021, respectively, reflecting a five-year compound annual growth rate (CAGR) of 17.0%. The American market, the largest segment, should grow from $39.5 billion in 2016 to $78.0 billion by 2021, demonstrating a five-year CAGR of 14.6%. The Asia-Pacific region is expected to grow the fastest among all major regions at a five-year CAGR of 21.4%, due to stringent government policies to mitigate cyber threats, and a booming IT industry.
Factors such as the growing complexity and frequency of threats, increasing severity of cyber security, stringent government regulations and compliance requirements, ubiquity of online communication, digital data and social media cumulatively should drive the market. Moreover, organizations are expected to increase IT spending on security solutions and services, as well. Rising adoption of technologies such as Internet of things, evolution of big data and cloud computing, increasing smartphone penetration and the developing market for mobile and web platforms should provide ample opportunities for vendors.
By solution type, the banking and financial segment generated the most revenue in 2015 at $22.2 billion. However, the defense and intelligence segment should generate revenues of $50.7 billion in 2021 to lead all segments. The healthcare sector should experience substantial growth with an anticipated 16.2% five-year CAGR.
Network security, which had the highest market revenue in 2015 based on solution type, should remain dominant through the analysis period. Substantial growth is anticipated in the cloud security market, as the segment is expected to have a 27.2% five-year CAGR, owing to increasing adoption of cloud-based services across different applications.
“IT security is a priority in the prevailing highly competitive environment,” says BCC Research analyst Basudeo Singh. “About $100 billion will be spent globally on information security in 2018, as compared with $76.7 billion in 2015.”