As critics report that US sanctions on Russia following recently cyberattacks are mostly symbolic, the question arises: what long-term solutions exist to limit the increase in, and severity of, state-sponsored cyber-attacks?
Please see a comment below from John McClurg, CISO at BlackBerry, discussing the problem with imposing reactive sanctions, and his thoughts on how proactive prevention can do critical work to prevent the success of these attacks, which could in turn lead to a decrease in their initiation.
<p>These sanctions highlight a growing issue in punishing cybercrimes at an international level. With cybercrime mercenaries becoming more affordable, what we will likely see as a consequence is an accelerated use of these out-sourced crime services. This bolsters the ‘plausible deniability’ that an offending nation-state can stand behind when conducting such campaigns. </p> <p> </p> <p>As far as “closing this gap”, the optimum way to do that is to abandon the reactive detection paradigm and its associated defense-in-depth structure that feeds it. While we may yet be shorthanded, even with a thorough-going embrace by the community of an AI support paradigm of proactive prevention, many of the resources being thrown at the legacy gap will be liberated to be applied in other critical areas such as insider threat mitigation.</p>