CISA Director Jen Easterly gave her opening statement before the House Select Committee on Strategic Competition Between the United States and the Chinese Communist Party. If you haven’t had the pleasure of hearing her speak, then you’re missing out on listening to a highly competent security professional. As others have said, she came out swinging.
The evidence against China is undeniable. I have to say that, a few years ago, I was skeptical that China was using manufacturing to build a cyber infrastructure within our infrastructure. I’m not anymore. Being able to erode civilian confidence in our government and being able to shut off civilian infrastructure is the new warfare. We’ve all seen if happening already.
Last fall I attended a conference and heard Alex Crowther, (Strategist. Cyber Policy Specialist. NATO/Europe Specialist. International Affairs Specialist. Politico-Military Specialist. Researcher. Latin American Foreign Area Officer. Light Infantry Officer), speak and was fortunate to spend two meals engaged in one-on-one conversation with him about his qualifications, duties and the status of cyber warfare in the world. He said something that haunts me to this day. He said that Russia and China consider themselves to be in a cyberwar with us.
Unfortunately, both have the jump on us. Our government isn’t allowed to engage our population in cyberwarfare defense, because we have laws that prevent the use of taxpayer dollars to influence US citizens. Any effort to engage the civilian population in cyberwarfare defense runs afoul of these acts. For example, in Canada the government runs programs to encourage people to be polite to one another. The US government can’t do that because it falls under propaganda.
This means that IT professionals and educators are the ones to fill these gaps and protect individuals and businesses from cybercrime. That’s a level of sophistication and professionalism that many IT firms do not possess today. But you read the lists that Canalys comes out with regularly, then you may have seen this one on MSP opportunity. Their research says that MDR will be the #1 growth engine for MSPs and will increase by 50% in 2024 and also that cyber security managed services will grow 15% this year. Canalys also says that AI is a once in a generation opportunity for our industry, but cyber security can’t be far behind. I mean just look at those 2024 predictions.
Does this mean that we all have to become security specialists? No, but does mean that we have to become darn good security generalists and view cyber security has a minimum a standard as patching. Businesses will expect it and they’ll expect your level of expertise and professionalism to match those of their other trusted advisors.
Not a member of NSITSP yet? Join yourself or join your company!