Cyber threat warnings rise steadily in 2011

The cyber threat to the U.S. government and critical infrastructure has increased significantly during the past 12 months.

While working on the latest cyber situation report, I couldn’t help but notice the significant increase in the cyber threat when compared with the threat rating in 2010. For those unfamiliar with the term, a cyber situation report is defined as a regularly scheduled update to an existing report or an ongoing status of an event or threat related to cyberspace. It is issued as conditions change or events begin to unfold. This is a communications method used to keep those with a need to know up to date.

The area seeing one of the larger increases in activity over that in 2010 are the numerous warnings that are being released. An increased amount of research and threat analysis has alerted digital asset owners, critical infrastructure providers and others to the real threats and vulnerabilities that could expose these organizations to acts of espionage, sabotage and attacks.

The subcategory gettting the most concern is mobile devices. It is hard to pick up a technical publication and not see one or two articles on this topic. The second area receiving a fair amount of attention is cloud security. The adoption of this model of computing services has security practitioners calling for security to be built in and not treated as an afterthought, as is often the case.

Although there are still those who believe this threat is overblown, the overwhelming majority recognize the threat, and several believe the current state of defensive measures falls short.  Many believe it will take a cyberattack that disrupts our normal way of life before the threat will be properly addressed.