Cybersecurity expert: Threats are varied and very real
Today’s high-tech world is too intricate for many people to comprehend fully, but its growing complexity exposes people, companies and governments to potential theft, blackmail and damage.
“Cyber-security threats are the No. 1 threat facing our world when it comes to our economy and our infrastructure,” said Lucian Niemeyer, CEO of non-profit Building Cyber Security, at a Tysons Regional Chamber of Commerce forum Oct. 18 at The Boro’s ICON Theater.
“In the past, you’ve seen cyber attacks go after your data, your privacy, your personal information [and] in some cases going after intellectual property from companies, particularly by nation states wanting to gain a technological advantage,” Niemeyer said.
Those data attacks have morphed into infrastructure-system breaches that can create enormous harm or ensure unauthorized access to those facilities when desired, he said.
Niemeyer especially is concerned about cyber-terrorists who feel they have nothing to lose by inflicting enormous infrastructure damage and “really altering our way of life in a matter of hours.”
The Biden administration has initiated the “Shields Up” program to protect critical national infrastructure, said discussion facilitator Fadi Muhsen.
Established in 2020, Building Cyber Security’s mission is to address cyber-safety and security concerning technologies embedded in homes, cars and buildings, said Niemeyer, a retired U.S. Air Force lieutenant colonel and former U.S. assistant secretary of defense for energy, installations and environment.
One of Building Cyber Security’s key goals is to establish an easy-to-implement, national cyber-security framework to design connected systems that do not endanger human life, he said.
People, businesses and governments have three choices when it comes to risk: Assume it, transfer it to insurance or mitigate it.
President Biden issued an executive order earlier this year promoting the concept of “zero-trust architecture,” which encourages the public to be wary of anything connected to the Internet and use extra verification measures when conducting transactions, Niemeyer said.
“Trust, but verify” was President Reagan’s Cold War catchphrase in the 1980s, but now the motto should be, “Don’t trust and still verify,” Niemeyer said.
Homeowners also must decide how much risk they’re willing to take, he added. Those who install “smart” televisions, baby monitors and front-door security cameras should know that strangers could hack into them and invade their privacy or create unsafe conditions, he said.
“We all want the convenience,” Niemeyer said. “Is that enough to override what might be a threat?”
People for three decades have bought anti-virus protection for their personal computers and should use similar vigilance for the “smart” devices they’re putting in their homes, buildings and cars, he said. Modern vehicles have about 1,500 microchips in them, none of which tells motorists if their systems have been hacked, he added.
Ransomware attacks, in which hackers threaten the computer systems of companies and governmental agencies, also are “a very easy way to make a lot of money,” Niemeyer said.
Corporate CEOs, especially ones in utility industries, need to focus heavily on protections from cyber attacks, lest they be held personally accountable for damages, he said.
The cost for implementing heightened cyber-security measures depends on how much certain businesses rely on high technology, Niemeyer said.
Basic measures – such as using default passwords and multi-factor identification and training staff not to click on suspicious “phishing” links – can reduce cyber threats by about 80 percent, he said.
Those working in commercial real estate should assess their vulnerability to attacks on their buildings’ elevators, fire-control systems and other infrastructure, which could affect those assets’ value, Niemeyer said.
Insurance companies are becoming more vigilant about policy holders’ cyber-security systems and may deny claims if measures allegedly in place haven’t been implemented, he said. Premiums and deductibles in the cyber-insurance market are rising, he added.
“The rates are going up to where at some point they may be unaffordable,” Niemeyer said, adding, “A widespread terrorist cyber attack really right now is uninsurable and there’s a lot of discussion within the insurance industry on how best to handle it.”