July 8, 2022
As the Associate Director and CIO of The United States Information Agency in the twilight years of the (*cough*) last millennium, it would have been hard to envision I would be asked to give a keynote address in 2022 at Tel Aviv University on the “The Role of Cybersecurity in Wartime.”
Global connectivity has fundamentally changed our world—in profoundly positive ways – and in others that pose fresh and sobering risks to our national and global security.
At Israel’s recent Cyberweek convening, I was asked to assess industry’s role advancing cyber response capabilities amid Russia’s aggression toward Ukraine. Even at this early stage, there are lessons that can be leveraged in advancing our collective cyber defense. Perhaps the most important is that we can only defend against potential attacks on our critical infrastructure when industry at all levels and across all sectors are supported with actionable, timely information sharing.
Industry efforts to secure the cyber landscape are improved substantially when governments share intelligence. This past April, USTelecom conducted a global survey of 50 cybersecurity experts in the ICT domain. When asked to identify the support they required most from government, 91% identified receiving actionable and timely information and intelligence as their number one need.
From the perspective of the private sector, I can state unequivocally that we have never been in receipt of such broad threat assessments as we see in the current situation. Beginning in November 2021, as Russia’s intentions in Ukraine became clear, government and industry began a heightened effort to mobilize resources and coordinate activity. While government and industry have previously collaborated on cross-sector playbooks and readiness exercises, the real-world magnitude and operational complexity of these attacks is putting everything we learned to the test and informing new, more detailed strategies.
There are benchmarks that bode well for expanding and enhancing future collaboration.
In the U.S., one of the most significant developments has been the creation of the Joint Cyber Defense Collaborative. JCDC is comprised of both government and industry partners, including USTelecom’s largest members, AT&T, Lumen and Verizon. One of the first products emerging from this joint effort was a Russia-Ukraine tensions plan that lays out objectives for operational coordination between the public and private sectors.
The Critical Infrastructure Security Agency also works with JCDC partners to develop and widely share free cybersecurity tools and resources on its Shields Up website. These offerings have proven particularly impactful for smaller businesses often viewed by our enemies as “target rich and resource poor.”
In 2018, USTelecom created and convened the Council to Secure the Digital Economy in partnership with the Consumer Technology Association and 15 global companies across the communications and IT sectors. This work identified and developed protocols to address numerous threat scenarios directly relevant to Russia’s attacks on Ukraine. These include relentless DDOS botnet attacks against military and financial systems, malware disguised as ransomware to hide Russia’s geopolitical motives and dangerous attacks on industrial systems where our analysis was informed by prior Russian attacks on Ukrainian power grids and other high-value targets.
Because of government-led organizations like CISA and industry-led venues like CSDE, the United States is better informed and organized to understand the threat landscape and mitigate many of the most common risks. Now we must systematize and broaden these mechanisms to ensure critical infrastructure enterprises around the world have maximum access to timely threat information and the latest best practices.
To help deliver on this mandate: USTelecom has formed the International Communications CISO Council, where chief information security officers representing global ISPs will convene to address some of the most challenging threats to our borderless digital ecosystem and to accelerate solutions across all critical infrastructure.
This will be the first communications sector specific convening platform for global CISOs, and our hope is it will emerge as a model for further coordination.
Cybersecurity is a global and rapidly evolving challenge. So, too, must be our collective defense.