Despite an onslaught of media coverage on cyberattacks and the impact of cybercrime on businesses and governments around the world, most people and, worse, most countries still don’t view cybercrime as a national security issue.
Unlike some other areas of organized crime, cybercrime poses a direct threat to national security and the everyday lives of citizens. These malicious actors can target critical infrastructure like hospitals, pipelines, the financial system, energy facilities, shipping ports, and airports. One of the most well-known examples of the impact cybercrime can have on critical infrastructure and how quickly things can go wrong is the Colonial Pipeline ransomware attack and its aftermath, which disrupted economic activity.
National Intelligence Agencies Are Focused Elsewhere
However, even as the damages inflicted by cybercrime increase every year, national intelligence agencies remain focused on other national entities and terrorist groups. This leaves private organizations on their own, unarmed and incapable of dealing with malicious actors’ growing sophistication and resources.
This is a colossal mistake that could lead to catastrophic consequences. Cybercrime is the central threat in cyberspace. To effectively combat it, nation-states must recognize the harm it can do and take proactive steps to lay the foundation for an international alliance for cybersecurity. Picture it as the NATO of cybersecurity. By coming together as a group, these nation-states can better protect their people, critical infrastructure, and proprietary technology from cyber threats, while also strengthening international relations.
To date, countries have failed to rise to the occasion. Some would even venture to say that we’re moving backward, as international tensions rise as a result of the war in Ukraine and other conflicts. Additionally, the ever-growing patchwork of data privacy laws has created new roadblocks for information sharing and response times. In order to shift the narrative and get on the right course to establishing a new international organization geared to the mitigation of, protection against, and punishment of cybercriminals, we first must establish three overarching branches of enforcement.
The policy and strategy branch: Using the information and data collected by the intelligence branch, a policy and strategy team would be able to develop best practices, guidelines, and regulations that serve as the bedrock for a robust national cyber environment. By sharing and implementing these policies, the alliance can create a common framework that enhances cybersecurity measures and minimizes vulnerabilities across borders.
The operations branch: Lastly, any new international cybersecurity alliance will need an operations branch. This branch would be responsible for implementing, executing, and enforcing laws, as well as taking actions to deter cybercriminals and legally pursuing them. By collectively responding to cyber threats, the alliance can demonstrate a unified front against cybercriminals, making it more challenging for them to exploit vulnerabilities across member countries.
In addition to establishing the three branches of the alliance, there are several other key components that are necessary. These include infrastructure, a host country, and like-minded member countries:
Cybercriminals already operate across borders, sharing knowledge and collaborating on a global scale. It’s time for nations to do the same to protect their critical infrastructure, people, and technology from threats foreign and domestic.