Is a state-sponsored cyber attack imminent?


SVP, Chief Information Security Officer in Education, 5,001 - 10,000 employees
China's an overt threat to the United States, as is Russia, but my question for CISOs is: How do you think you’ll be attacked? Do you think somebody in China will launch an attack against your organization if they've done their recon and know that you have strong perimeter defense? That's not what most concerns me. Given my background in federal law enforcement, what keeps me up at night is the potential for a foreign agent to be physically inside your network. In other words, they've infiltrated the country, acquired jobs in the actual target environment, and are now insiders. So it’s those insider attacks that concern me most. And it’s not just paranoia from seeing movies, because I lived in the government for quite a while.

For example, I once helped a forensics team figure out how a particular environment had been breached on such a deep level. That exercise led us to the cleaning crew, because they had physical access to the entire environment. We discovered that a nefarious actor group had injected their people as employees of this cleaning crew, which gave them physical access to all of these devices when everyone else was at home. And when they were done “cleaning”, they left and nobody knew what they’d done.
Director, Information Security Engineering and Operations in Manufacturing, 5,001 - 10,000 employees
A state-sponsored cyber attack is already happening...

Director in Manufacturing, 1,001 - 5,000 employees
They have been occurring for years to steal intellectual property and information. And it won’t stop. Will it escalate into sabotage like the Colonial Pipeline? Maybe, but perhaps not until conventional skirmishes begin.
CISO in Software, 10,001+ employees
In many panels at the RSA Conference a few weeks ago, the speakers indicated that the risk of Russian GRU and SVB based attacks was imminent due to the sanctions leveraged against Russia.
CIO in Government, 1,001 - 5,000 employees
I think 'imminent' is overly optimistic. If you have anything of interest to them (depending on the threat actor, e.g. China -> intellectual property, North Korea -> money, Russia -> influence, but of course, there are many possibilities) you should assume they are already in your network, in your building, amongst your employees. The issue is that all cyber attacks are not going to look the same. They're not going to overtly shut you down if they can sit and exfiltrate data instead. They're not going to be loud when they are instead trying to silently influence or use you to infect through a supply chain.
Director of Information Security Operations in Consumer Goods, 1,001 - 5,000 employees
Yes it is - there is no way around it - and it's running as we speak.
CISO in Finance (non-banking), 10,001+ employees
Well, it depends from case to case and country to country. However, in most cases it is very much predictable and most likely to happen. For example, for a country like India, which does not have a good and strong relationship with China these days because of border-related disputes, and for the US with Russia, where there has been a sudden dip in relations because of US intervention in the Ukraine-Russia war: countries use hackers as a weapon to start cyber warfare and end up launching more and more cyber attacks against the other country's government websites, critical national infrastructure systems and other financial organizations that contribute more to the revenue of the country and are termed critical infrastructure of the country, and if those are successfully breached it will bring down the reputation of the country. Hence CISOs have to be very careful in handling security matters, ensure adequate controls are implemented at all entry points of the network to defend against these kinds of state-sponsored attacks, keep a close watch and, wherever possible, block all incoming internet traffic from the other country at all network entry points.
Head of IT and Security in Finance (non-banking), 51 - 200 employees
It's already happening and it probably should be... not sure it would achieve its purpose, but at least it's a step.
