Credit: Associated Press/J. Scott Applewhite
2013 was another eventful year in the brief history of cyberspace - with more online holiday shopping, more spear-phishing, some big technology successes, a few government project failures and more virtual surprises than ever before.
But the biggest cyber news from 2013, and a story that will be told for decades, is the tale of Edward Snowden. While many do not support his actions, the ramifications from his disclosures have changed the global debate regarding online privacy, insider threats, cloud computing and the role of government surveillance in cyberspace. Some supporters even call him the person of the year.
No doubt, this story will continue to unfold in 2014, with Snowden spending this Christmas hiding from US authorities in Russia. He continues to make headlines by releasing new NSA information and threatening to unveil even more secrets. So much so that some U.S. government leaders want to grant Snowden amnesty to come home if he stops leaking.
The year started with industry-wide predictions of more mobile malware, hacking-as-a-service and especially ransomware. The ransomware predictions turned out to be accurate with cryptolocker ransomware stories becoming a major issue in 2013. For example, this article describes the psychological impact of getting the notice that your data is being held hostage.
There were early hopes for a national doctrine on cybersecurity and possibly even federal legislation. But what we did get was the importance of critical infrastructure protection showing up for the first time in the President’s State of the Union Address, along with an Executive Order on protecting cyber assets. A timeline was laid out for the new NIST Cybersecurity Framework, and progress has been made on that front all year.
The RSA Conference was bigger than ever in 2013, with several takeaways. One focus was the role of big data, and another was an overall sense that cybersecurity is hotter than ever.
We kept hearing more and more about wearable technology in 2013, with pictures and reports of the special few that were seen using products such as Google Glass. The privacy implications and restrictions will be an interesting theme in 2014 as some governments consider whether to bar driving while wearing virtual-reality glasses.
The Boston bombing was a major story, along with the many implications in cyberspace.
In government, the growing importance of FIRSTNET for dealing with emergencies started to emerge in several ways. Also, cyber training and awareness education for technical staff and end users was a constant theme.
The National Governors Association launched a Call to Action on Cybersecurity this fall, and several events signaled the shift to local attention on this matter. There was also a new focus on working across public/private lines in the event of cyber emergencies.
The other major tech trends involving big data and cloud computing may have slowed a bit – with the Snowden story causing some to rethink some aspects of their strategy. The Snowden leaks also slowed cybersecurity legislation.
“According to a report by Gartner, Inc, a technology research company, the worldwide security technology and services market is forecast to reach $67.2 billion (Dh246.6 billion) in 2013, up 8.7 per cent from $61.8 billion in 2012. The market is expected to grow to more than $86 billion in 2016. McAfee’s in July reported that US companies where losing an estimated $100 billion annually due to cybercrime.”
At the Michigan Cyber Summit in October 2013, Richard Stiennon suggested that the cybersecurity industry will grow tenfold in ten years. Indeed, new sub-industries are being born within cybersecurity that focus on topics such as incident response and new ways to secure critical infrastructure.
As we head into 2014, we face an explosion of new social media and other online services that are transforming society in new ways. It’s hard to believe that Facebook is still not 10 years old.
Trying to predict the next big cyber event like the Snowden leaks or a major “Cyber Pearl Harbor” is almost impossible. And yet, it would be wise to heed the words of the outgoing Secretary of Homeland Security Janet Napolitano, who may end up of having the cybersecurity quote of the year when we look back several years from now. The Department of Homeland Security's former director said:
“Our country will, for example, at some point, face a major cyber event that will have a serious effect on our lives, our economy, and the everyday functioning of our society.
While we have built systems, protections and a framework to identify attacks and intrusions, share information with the private sector and across the government, and develop plans and capabilities to mitigate the damage, more must be done, and must be done quickly.”
Only time will tell, but I suspect the former Secretary is right.
Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.
During his distinguished career, he has served global organizations in the public and private sectors in a variety of executive leadership capacities, receiving numerous national awards including: CSO of the Year, Public Official of the Year and Computerworld Premier 100 IT Leader.
Lohrmann led Michigan government’s cybersecurity and technology infrastructure teams from May 2002 to August 2014, including enterprisewide Chief Security Officer (CSO), Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) roles in Michigan.
He currently serves as the Chief Security Officer (CSO) and Chief Strategist for Security Mentor Inc. He is leading the development and implementation of Security Mentor’s industry-leading cyber training, consulting and workshops for end users, managers and executives in the public and private sectors. He has advised senior leaders at the White House, National Governors Association (NGA), National Association of State CIOs (NASCIO), U.S. Department of Homeland Security (DHS), federal, state and local government agencies, Fortune 500 companies, small businesses and nonprofit institutions.
He has more than 30 years of experience in the computer industry, beginning his career with the National Security Agency. He worked for three years in England as a senior network engineer for Lockheed Martin (formerly Loral Aerospace) and for four years as a technical director for ManTech International in a US/UK military facility.
Lohrmann is the author of two books: Virtual Integrity: Faithfully Navigating the Brave New Web and BYOD for You: The Guide to Bring Your Own Device to Work. He has been a keynote speaker at global security and technology conferences from South Africa to Dubai and from Washington, D.C., to Moscow.
He holds a master's degree in computer science (CS) from Johns Hopkins University in Baltimore, and a bachelor's degree in CS from Valparaiso University in Indiana.
Follow Lohrmann on Twitter at: @govcso
Building effective virtual government requires new ideas, innovative thinking and hard work. From cybersecurity to cloud computing to mobile devices, Dan discusses what’s hot and what works in the world of gov tech.