Skip to content

READ TIME: 4 MIN

Cybersecurity as a Matter of National Security

Business security, energy security, food security…national security. All one in the same.

While Iowa grain co-op, New Cooperative, may seem far removed from the capital of the U.S. government, a ransomware attack threatened food security of people in the Midwest. The event is not just a concern for local residents; the cyberattack, and its implications, are a concern for everyone across the nation.

A few months before the $5.9 million attack on New Cooperative, the world’s largest meatpacker based in Brazil, JBS, experienced a ransomware attack that disrupted meat production in North America and Australia during the height of grilling season. Prices of U.S. beef shipped to wholesale buyers increased more than 1%, according to USDA.

And it’s not just the agricultural sector that cybercriminals can target to cripple U.S. national security. In May, another ransomware attack hobbled Colonial Pipeline, interrupting fuel service for six days to large sections of the east coast. The oil pipeline finally paid $4.4 million for the decryption key.

Furthermore, certain industries are more heavily targeted for their widespread effects on broader swaths of the U.S. population. Markets with essential services face more threats and harbor greater responsibility in shoring up vulnerabilities.

Here are the top 10 most targeted industries and their most common form of cyberattack in 2020, according to 2021 X-Force Threat Intelligence Index.

Top 10 Industries Targeted in 2020*
Most Common Attack Per Industry in 2020*
1. Finance
Server access attacks
2. Manufacturing
Business Email Compromise
3. Energy
Data theft and leaks
4. Retail
Credential theft
5. Professional Services
Ransomware
6. Government
Ransomware
7. Healthcare
Ransomware
8. Media
Malicious domain name system (DNS) squatting
9. Transportation
Malicious insider or misconfiguration
10. Education
Spam or adware
*According to findings in 2021 X-Force Threat Intelligence Index
The ever-increasing onslaught and sophistication of cyberattacks is not just a concern for businesses. They pose an imminent threat to the security of the U.S. and the privacy, health, and financial well-being of its residents. The significance of cybercrime cannot be ignored and is on the minds of the nation’s top government officials. Earlier this year, President Biden released Executive Order 14208, addressing the modernization of the nation’s cybersecurity. Here are a few takeaways from Biden’s “Improving the Nation’s Cybersecurity”:
  • IT service providers must inform the government of cybersecurity breaches that could impact U.S. networks.
  • A standardized playbook outlines a predetermined set of federal responses to cyber incidents.
  • The Federal Government must modernize its cybersecurity infrastructure through cloud services and zero-trust architecture, mandated multifactor authentication and encryption, robust endpoint detection and response, and consistent event logging practices.
  • Software developers must share certain security data publicly and must meet baseline security standards before the software can be sold to the government.
  • A Cybersecurity Safety Review Board, comprising government and private sector officials, may convene after a cyberattack to analyze the event, its causes, and impacts, and make recommendations to further improve the nation’s cybersecurity.

Cybersecurity is so important that the President of the United States is making sweeping Executive Orders to improve it.

If the United States has a multilayered approach to protecting the nation’s cybersecurity and cyber resilience, shouldn’t your business have a plan?

Here’s a list of effective tactics to build your business’ multilayered cybersecurity:

  • Endpoint Detection and Response
  • Windows Patching and Third-Party patching
  • Cloud Email Security per User
  • Cybersecurity Health Check and Review
  • Security Awareness Training
  • DNS Security
  • Incident Response and Remediation
  • Vulnerability Scans of Network Edge
  • Security Information and Event Management (SIEM)
  • Event Log Correlation and Aggregation
  • 24/7/365 Monitoring
If your company only has some or even none of the abovementioned cybersecurity measures in your IT repertoire, NexusTek has developed three customizable, managed cybersecurity plans—Essential, Standard, and Advanced—comprising user-focused strategies and carefully selected solutions to protect, detect, and respond to cyber risks and threats that target your business. As an SSAE-18 SOC II certified company and award-winning managed service provider, NexusTek has the expertise to build and improve your cybersecurity. We protect your company and customers so you can help protect your country.