The recent hack of network management company SolarWinds, which enabled bad actors to compromise a range of US government agencies and major corporations, has revealed a troubling truth: Business and government expose each other to significant cyber-risks because they are interconnected and rely on the same network of software vendors. That’s why the strategic response must involve more intense collaboration. Simply put, the threat of cyberattacks is too big a job for either government or business to tackle alone.
Cybersecurity complaints to the US Federal Bureau of Investigation more than tripled during the pandemic last year, while the average payment by victims of ransomware jumped 43% in the first quarter of 2021 from the preceding quarter. Attacks on the software supply chain are growing exponentially, and the burgeoning Internet of Things (IoT) and 5G wireless technology offer more vulnerabilities to exploit.
Governments have a broad view of potential threats through law enforcement and intelligence capabilities, but they tend to see things through a national security lens rather than commercial risk. Companies have firm- and sector-specific risk information and often enjoy better access to cybersecurity talent, but they can’t easily take an economy-wide view and may find themselves overwhelmed by state-sponsored attackers.
Credit: World Economic Forum