The JBS Meat Placement Plant is seen in Plainwell, Michigan, June 2, 2021.
Jeff Kowalsky | AFP | Getty Images
Hardly a week goes by without the announcement of a new cyberattack directly impacting the security and well-being of American businesses and citizens.
Whether focused on espionage, disruption, or high-tech ransomware, these attacks affect all Americans. And here’s the scary part: We only hear about a small portion of the attacks that occur every day against employers, nonprofits, and local governments.
The recent cyberattacks against Colonial Pipeline and the food processing company JBS underscore the importance of ransomware in particular, and cyber vulnerabilities more broadly. As the two companies resumed normal operations, the lines of gas stations a few weeks ago and concerns about a possible meat shortage finally made our heads of government say: “Enough, this is enough. ‘is enough”.
We must turn this resolution into action.
The first step is to recognize the reality of the situation. No entity – large or small, public or private – is immune to this threat. No company has a chance to fight against state actors alone, no matter how much resources it may devote to cybersecurity. The government cannot fight against these actors alone either. It is often private sector networks that are attacked, and the private sector provides the innovation needed to detect and defeat attacks.
That’s why the United States Chamber of Commerce supports strong government-private sector collaboration to improve cyber defenses and strengthen the deterrence, detection and remediation of ransomware and other cyber threats.
Private sector entities will benefit from early warning and intelligence from government partners to see threats on the horizon, allowing them to strengthen their defenses before an attack.
In turn, the United States and allied governments can benefit from increased transparency from the private sector when attacks materialize. The private sector and the US government can achieve a more robust cyber defense posture through collaboration.
We must also lead the fight against our adversaries. The U.S. government has a responsibility – and international authority – to act decisively against cyber attackers, to prevent them from operating with impunity, to hold them accountable, and to deter them from future malicious activity. Cybercriminals must be warned that attacks on our country and our economy will not be tolerated.
The government has recently taken positive steps. President Joe Biden decree on improving the country’s cybersecurity provides a deliberate, comprehensive and strategic approach to improving cybersecurity on federal networks and strengthening incident response. The process described by the decree includes significant engagement with the private sector.
Homeland Security Secretary Alejandro Mayorkas recently spoke at a Chamber event and identified the fight against ransomware as one of his department’s top cybersecurity priorities.
The Justice Department has announced that it is elevating ransomware investigations to the same priority as terrorism cases, and the FBI has recovered the majority of the bitcoins used in paying the Colonial Pipeline ransom.
Finally, the White House offered advice on steps businesses can take and recognized the role of the U.S. government in working with allied nations to disrupt and deter ransomware groups and impose the necessary consequences on those who attack them. American institutions.
The private sector must also intensify. The Chamber recommends that businesses of all sizes take steps to improve their cyber defenses, develop an incident response plan, and build relationships with law enforcement officials responsible for assisting when an attack occurs. occurs.
The attacks of the past few months – those we have heard of and those we have not heard of – show how high the stakes are. There is a lot of work to be done. It is time for government and the private sector to do it together.
Christopher Roberti is the senior vice president of cybersecurity, intelligence and supply chain security policy at the United States Chamber of Commerce.