U.S., Companies 'Absolutely Not' Prepared for Nation-State Cyberattacks

Businesses and the Fed aren't even ready for unsophisticated attacks.

Edward Gately, Senior News Editor

May 27, 2021

7 Slides
Nation-State Cyberattack
Shutterstock

A panel of cybersecurity experts agree the United States is nowhere near prepared to handle sophisticated nation-state cyberattacks.

The Wednesday panel was moderated by Paul Ferrillo, privacy and cybersecurity partner at Seyfarth. It addressed the SolarWinds hack, the Biden Administration’s cybersecurity executive order, and the upcoming Department of Homeland Security (DHS) cybersecurity regulations for the pipeline industry.

In addition, the panel discussed strategies to increase cyber-risk and systemic-risk communications between the board, C-Suite and IT.

Panelists included:

  • Jerry Bessette, senior vice president of Booz Allen’s cyber incident response program.

  • Chris Cummiskey, CEO of Cummiskey Strategic Solutions.

  • Kate Fazzini, CEO of Flore Albo.

  • Robert Zukis, CEO of Digital Directors Network.

Cybercriminals at a Clear Advantage with Nation-State Cyberattacks

When asked if companies and the federal government are prepared for nation-state cyberattacks, Bessette said “absolutely not.”

Bessette-Jerry_Booz-Allen.jpg

Booz Allen’s Jerry Bessette

“Networks are still so complicated,” he said. “And there are still so many organizations, including government agencies, that aren’t doing the basics. So we’re just not prepared for the next attack.”

Zukis said “on a scale of one to 10, and 10 being totally prepared, I’d say we’re at about a two, and we’re not going to move that needle until we start to understand systemic risk and how it interacts with cyber risk.”

Hackers have clearly figured out the system is in and of itself the weak point and they’re exploiting it,” he said. “And unfortunately we’re at ground zero at this point.”

Fazzini-Kate_Flore-Albo.jpg

Flore Albo’s Kate Fazzini

Fazzini said “we are also not prepared for the next unsophisticated attack.”

“If you look at what happened at the Colonial Pipeline, this was not like the SolarWinds attack; it was a ransomware attack,” she said. “And in fact, from everything I understand, the pipeline itself was shut down and all this disruption was caused because the company was confused about what it should do.”

See our slideshow above for more discussion of SolarWinds, federal response and more.

Read more about:

MSPsVARs/SIs

About the Author

Edward Gately

Senior News Editor, Channel Futures

As senior news editor, Edward Gately covers cybersecurity, new channel programs and program changes, M&A and other IT channel trends. Prior to Informa, he spent 26 years as a newspaper journalist in Texas, Louisiana and Arizona.

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like