Skip to main content

China Actively Preparing Cyber Threats: US Grapples with Balancing Security and Privacy Concerns

I recently watched the January 2024 House hearing entitled "The CCP Cyber Threat to the American Homeland and National Security". It highlighted the growing concern over China's aggressive cyber activities that have plagued our technical infrastructure for decades.  

China Actively Preparing Cyber Threats: US Grapples with Balancing Security and Privacy Concerns
U.S. Cyber Command Commander General Paul Nakasone, FBI Director Christopher Wray, National Cyber Director Harry Coker, CISA Director Jen Easterly, and Rep. Mike Gallagher (R-WI).


I was locked into what Jen Easterly, the Director for the Cybersecurity and Infrastructure Security Agency (CISA) was saying throughout the hearing.  She emerged as a key voice, emphasizing the need for a shift in perspective against China and their active pursuit of cyber threats toward the U.S.

Router me this, Batman

Not to get dramatic, but Easterly painted a concerning picture, stating that China is actively preparing for cyberattacks that could "incite societal panic and chaos." This aligned with reports from FBI Director Christopher Wray, who revealed the discovery of hundreds of US routers compromised by a Chinese hacking group called "Volt Typhoon." These incidents underscore the vulnerability of critical infrastructure and the potential for widespread disruption.

Clear up the jargon


Jen Easterly's call to revise certain tech jargon ("Data Care" instead of "Cybersecurity") resonates deeply with me.  I too believe in simplifying the mystery of cyber in order to empower individuals with the knowledge to safeguard their data effectively and to be presented with business-friendly terms.

Easterly emphasized "We can't nerd-speak our way out of this problem."  (At that point, I think I murmured "Amen, sister!")

Section 702

One topic of the hearing was the heavily debated Section 702 of the FISA Amendments Act (Foreign Intelligence Surveillance Act).  Section 702 authorizes the collection of foreign intelligence from non-US persons without a warrant. While intended to combat national security threats since 9/11, it raises privacy concerns for some people.

The debate hinges on striking a balance.  As Easterly suggests, "we need to be much more creative and much more collaborative" in our approach.  This could include increased public-private partnerships—which involve industries and government entities working together, improved information sharing between the federal agencies, and a focus on building resilience within critical infrastructure systems.

This situation requires a response from multiple angles.  Technical expertise is essential, but so is clear communication and a commitment to data security that transcends technical jargon.  

Cybersecurity (Data Care) needs to be a core business concern

As Easterly pointed out, safeguarding our data is a shared responsibility, and achieving this requires a collective effort that speaks to everyone, not just cybersecurity professionals. 

All business owners and employees have a role to play in creating a culture of data security within their organization.  By prioritizing data care and fostering ongoing education and awareness, businesses can build a stronger defense against cyber threats and protect valuable information.  This collaborative approach is crucial in today's digital world.

Here is the link to the hearing press highlights from January 31, 2024


Labels:

Comments

Post a Comment

Popular posts from this blog

AI and Cybersecurity: A Powerhouse Duo for Small Businesses

Small businesses face complex and expensive cybersecurity challenges, but AI is being used to simplify defenses, making cybersecurity protection more affordable for small companies.  Read on to discover how embracing AI can work to secure your digital assets and improve your data care. Cybersecurity can feel like a complex beast, especially for small businesses.  Between technical jargon and ever-evolving threats, it's tough to know where to start.  But there is good news: Artificial intelligence (AI) is entering the scene, offering powerful tools to simplify and strengthen your efforts. Think of AI as a super-smart security guard.  It's constantly scanning, analyzing, and learning, keeping you one step ahead of the bad guys. Here's how AI can be your cybersecurity hero:
Post a Comment
Read more

Humans: The Achilles' Heel of Cybersecurity. Better Passwords For Your Data Care.

When I’m not researching and writing about cybersecurity, I have a normal day job working in the development department for a nonprofit organization where, just yesterday, I found three cybersecurity alerts in my Outlook email. “You must change your password…”; “We had a phishing incident…”; “Our IT company has initiated MFA…”. It was a lovely way to begin my morning. I was puzzled that someone in our mid-sized company was tricked into clicking a malicious email link. How could this happen? Doesn’t everyone realize what phishing emails look like? The improper English; fake links, the sense of urgency? Apparently, not… H umans are still the weakest link in any data care plan. I sometimes feel that costly cybersecurity tools are more about protecting companies from their own employees than external threats. Businesses should elevate employee education, awareness, and periodic trainings to strengthen data care and minimize human error. I have some inexpensive ideas I often share with busi...
Post a Comment
Read more