Security Central: United Nations Exposes Security Gaps, Russia Issues Kaspersky Threat

Written by Allison Francis
July 6, 2017

I think we can all agree that our country's cybersecurity defenses need some work. A lot... of work. From individuals, to small to large businesses, to our own government, we are in dire need of a serious reevaluation/massive overhaul of our cyber defense strategy. But, as it turns out, we're not the only ones.

I think we can all agree that our country’s cybersecurity defenses need some work. A lot… of work. From individuals, to small to large businesses, to our own government, we are in dire need of a serious reevaluation/massive overhaul of our cyber defense strategy. But, as it turns out, we’re not the only ones.

On Wednesday, the United Nations released a survey called the Global Cybersecurity Index (GCI) that shows huge gaps in the security among the world’s most powerful countries. The survey takes a hard look at defense capabilities in 134 countries and focuses on five pillar areas: technical, organizational, legal, cooperation and growth potential.

Singapore had a near-perfect cybersecurity score with the United States coming in second, but, according to Reuters, many of the other highly rated countries were small or developing economies. The rest of the top 10 were Malaysia, Oman, Estonia, Mauritius, Australia, Georgia, France and Canada. Russia ranked 11th. India was 25th, one place ahead of Germany, and China was 34th. So, the takeaway here is that smaller, poorer countries are kind of owning the cybersecurity game. However, that’s not to say there aren’t major holes that need to be fixed.

“Cybersecurity is an ecosystem where laws, organizations, skills, cooperation and technical implementation need to be in harmony to be most effective,” the survey said. “There is still an evident gap between countries in terms of awareness, understanding, knowledge and finally capacity to deploy the proper strategies, capabilities and programmes.”

The survey goes on to say that the degree of interconnectivity of networks implies that anything and everything can be exposed, and everything from national critical infrastructure to our basic human rights can be compromised. The most important first step for countries is to adopt a national security strategy, but as it turns out, a whopping 50 percent of countries don’t have one.

The survey noted that there’s no global standard for cybersecurity, which is obviously problematic. So, what’s the solution?

Our next story takes a look at yet another boxing match we’ve gotten ourselves into with Russia. Talk has been swirling about that the U.S. Congress may ban the Department of Defense from using Kaspersky Lab’s cybersecurity software, according to Communications Minister Nikolay Nikiforov (as reported by Bloomberg). This has serious implications, because, well, Russia. They have threatened to retaliate if this ban does indeed occur.

Any “unilateral political sanctions” by the U.S. may prompt daggers from Russia, whose government systems use “a huge proportion of American software and hardware solutions in the IT sphere, even in very sensitive areas,” Nikiforov said in an interview last Friday. It’s not clear what exactly the response would be, but Nikiforov strongly hinted that implied that Russia could put a halt to hiring American companies for its tech solutions. He stated that Russia uses “a huge proportion of American software and hardware solutions in the IT sphere, even in very sensitive areas.”

As one would expect, there are growing concerns over the company’s close ties to Russia — specifically because of the country’s meddling in last year’s presidential election. “The ties between Kaspersky Labs and the Kremlin are very alarming,” said U.S. Sen. Jeanne Shaheen (D-N.H.), who introduced the amendment in the committee’s bill. “This has led to a consensus in Congress and among administration officials that Kaspersky Labs cannot be trusted to protect critical infrastructure, particularly computer systems vital to our nation’s security.”

Kaspersky Lab said it doesn’t cooperate with any government in cyber-espionage. Our last story takes a look at Microsoft’s shift towards cloud-first organization. Microsoft is expected to unveil a business reorganization plan on July 5 that will support this shift (according to a report Friday by the Puget Sound Business Journal).

Microsoft first introduced the concept of “mobile first, cloud first” several years ago, but that mantra continues to guide the company as it invests in emerging areas like machine learning and artificial intelligence (AI). Last month, Microsoft spruced up some of its cloud, AI and data platform business units, which included the creation of a new Cloud AI Platform organization which will be led by Corporate Vice President Joseph Sirosh.

The organization will oversee Azure Search, Azure Machine Learning, the Microsoft Bot Framework, R Server and the Algorithms and Data Science Solutions team (as reported by Talkin’ Cloud). It will be interesting to follow this strategy shift and the effects it will have on the tech/cyber sphere.

The views expressed in this column do not necessarily reflect the views of Penton Media or The VAR Guy editorial staff.