How to Win the Cyberwar

BrightPoint-Anneheadshotby Anne Bonaparte

There is no doubt about it. We’re in a cyberwar and the bad guys are winning. Cybercrime set new records in 2014, with hack attacks up 55 percent from the previous year, according to CSO magazine’s “State of the CSO” survey. And 2015 is on track to be even worse. In fact, Symantec says companies with more than 2,500 employees now have a 1 in 2.3 chance of being targeted for attack.

The most virulent hacks are directed by criminal organizations, foreign nation states and terrorist groups with seemingly unlimited resources. We’re no longer talking about some kid in a hoodie operating out of his suburban bedroom. Today’s sophisticated hackers work for organized crime and/or government agencies and they are responsible for untold economic losses. For proof of this, look no further than Sony, Ashley Madison and Anthem.

So how has the situation become this bad? One of the dirty little secrets about the cybersecurity industry is that there are simply not enough security professionals to stop them. Anecdotally, CSO magazine reports that about 90 percent of chief security officers can’t find people for many of the positions they need to fill. This systemic shortage is not a problem that will be fixed overnight. Meanwhile, the demand for security professionals keeps growing, and the attackers keep coming.
We need some new approaches to successfully fight cyber threats. One immediate opportunity is to develop a national, coordinated plan to cultivate that half of the population which is severely underrepresented in the field of security—women. Just 10 percent of information security professionals worldwide are women, according to the latest data from (ISC)2.
If we can solve that numbers problem we can turn the cyberwar in our favor. But we need to approach the security problem in a creative new way. Or, how about a creative old way? I’m thinking about a strategy that worked in a past war. I’m thinking about Rosie the Riveter.
Rosie was one of the most well-known—and effective—cultural icons created during World War II. With so many men away at war, our country faced a serious labor shortage. We needed workers in factories and shipyards to turn out the products required to win the war. And so emerged Rosie, star of a government campaign to recruit women to work in shipyards and the munitions industry.
The concept of a new Rosie came to me when I visited the Rosie the Riveter WWII Home Front National Historic Park in Richmond, Calif., where stories of women’s contributions to the war effort live on. During the war years, women and minorities for the first time took on jobs they never imagined they could or would be interested in. And they loved it. It was inspiring to me to learn at the park the many ways women rose to the war challenge, and to understand the pivotal impact they had in our fight against the Axis Alliance.
You know the old saying: Desperate times call for desperate measures. Desperate times also inspire effective measures. When you are under attack, you do what is necessary, however extreme, to overcome the threat. If the old ideas aren’t working, you break conventions, disregard comfort zones, and experiment with new approaches.
There is a lot of data that indicates a problem is best solved when many different minds work on it from different angles, collaborating and sharing results. In our war against cybercrime, it’s time for a different angle. Until now, women have been largely absent from the fight. That’s a limitation, because we need a 360-degree view of this problem to solve it, and without women this is not possible.
The bad guys are cooperating with each other. They’re working together in an underground cybercrime economy, in which intelligence about vulnerabilities is constantly bought, traded and passed around. Cybercriminal communities share techniques and tools and join forces to conduct attacks.
To keep pace, we need to do the same. We need to team up, engage collectively and beat the cybercriminals. And, just as we needed riveters (add in other roles that correlate to the other series) in WWII, we now need more folks, especially women, to take up careers in information security.
The Rosie campaign and graphics has been repurposed and used even today to remind and empower generations of the value of working together. For the Rosies of WWII, the experience was life changing. They developed new skills, they found new power within themselves, they worked cooperatively, they built communities. And they helped win the war.
To win the cyberwar, we don’t need more generals. We don’t need more Ph.D.s from MIT. A lot of the top talent is already at the command. What we need is information security talent at every level, including entry level, to fill the tens of thousands of jobs now available in the security industry. With the war effort even those that helped with victory gardens, drivers,  neighborhood lookouts and other war efforts contributed to the cause. To win we need to harness all levels of talent for the security of our digital business and lives.
As a starting point, we need more security courses to be taught in our education system to extend access to a much broader community. Industry and public leaders can work together to develop innovative curriculum in community colleges, online courses and universities. Getting creative about how we encourage young people to join the fight against cybercrime is critical for our security.
And we need more women. Without the other half of our population engaged and activated against the growing threat, we can never expect to win this war. We are at a deficit, we need to cultivate and grow the ranks of security professionals to keep up with the cybercriminals.


Anne Bonaparte is the president and CEO of BrightPoint Security.



Leave a Reply

WWPI – Covering the best in IT since 1980