What UK/US cyberthreat cooperation means for global cybersecurity

What UK/US cyberthreat cooperation means for global cybersecurity

To tackle today’s sophisticated cyberthreats, organisations must take a proactive approach to cybersecurity – an essential aspect of a rounded and effective strategy. Danny Lopez, CEO at Glasswall, discusses what this means and explores how the UK/US cybersecurity partnership is a testament to the strength of the transatlantic security and intelligence alliance.

Meeting at the recent Cyber Management Review in Maryland, intelligence and cybersecurity representatives from the UK and US reaffirmed a joint commitment to disrupt and deter new and emerging cyberthreats. Together, both governments have a crucial role to play in the fight against global cybercrime, and in many ways, they set the tone for how organisations far and wide approach these challenges.

The announcement followed annual bi-lateral discussions between representatives from Government Communications Headquarters (GCHQ), the National Security Agency (NSA) and the US Cyber Command.

In a joint statement, they said that strategic engagement in cyberspace is crucial to defending our way of life, by addressing these evolving threats with a full range of capabilities. To carry this out, they said they intend to continue to adapt, innovate, partner and succeed against evolving threats in cyberspace.

These kinds of high-level commitments are increasingly important. With a cyberattack occurring every 39 seconds in 2021, the world is experiencing a diverse range of challenges, including an ongoing ransomware crisis which will likely continue its upward trajectory in 2022.

For instance, attackers are increasingly using a more personalised approach to blend into regular network traffic to look like an insider. They are also turning to more sophisticated technologies to automate their efforts and are employing Machine Learning techniques to understand what influences the behaviour of their targets. Equally concerning is the development of polymorphic malware that continually changes its features to evade detection. There is a very real risk that in the near future, organisations will be faced with a situation where every piece of malware is novel or unique.

As a result, having consistent strategies across the world’s most powerful nations to help prevent attacks of this nature will be vital in stopping future cyber disasters. Not only does enhanced strategic engagement between the two countries provide a clear roadmap for increasing defence capabilities in cyberspace, it also acts as a deterrent to those perpetrating attacks on businesses and public sector organisations on both sides of the Atlantic.

Consequently, the UK and US seem set to increase their efforts to engage with online adversaries. In doing so, their announcement makes repeated reference to ‘imposing consequences’ on cybercriminals and nation-state protagonists. This is a welcome re-statement of the determination of both governments to proactively address a wide range of serious cybersecurity risks.

It also serves as a reminder to organisations across both public and private sectors that taking a proactive approach to cybersecurity is an essential part of a rounded and effective strategy.

A proactive strategy

In contrast, take the emphasis many organisations currently place on antivirus and sandboxing technologies in preventing cyberattackers from accessing networks and data. While these familiar solutions play a vital role in identifying and blocking a huge number of threats, they are reactive in nature. This presents a particular problem when trying to secure networks against malicious content hidden within files and documents shared in their billions worldwide on a daily basis.

Specifically, securing systems against the risk posed by file-based attachments forms part of a comprehensive approach to issues such as ransomware and zero day threats. One large enterprise, for example, processed 115 million attachments over a period of just three months – a huge opportunity for bad actors looking to distribute malware. Even after attachments had undergone malware scanning, hundreds of files were later found to contain malware, because they had not yet been recognised by the tools as ‘known bad’ and could therefore penetrate the organisation. 

Among the challenges this presents is that approximately 1 in every 100,000 files contains potentially malicious content, with 98% of them being unknown by antivirus and sandboxing solutions for anything up to 18 days before they can mitigate the risks. That’s a potentially devastating blind spot for networks that are already under immense pressure from cybercriminals who are employing more sophisticated tactics in order to succeed.

Taking a proactive approach means that IT infrastructure is protected from these ubiquitous threats before they reach users via attachments. For instance, comparing the ‘DNA’ and content of each file and document to its ‘known good’ industry specification enables organisations to proactively eliminate cybersecurity risks. It’s vital, however, that this is achieved without negatively impacting employee productivity or disrupting effective user experiences.

As a result, users can be protected from the type of attacks that have proved so effective for cybercriminals looking to distribute malware and exploit a wide range of vulnerabilities that exist across today’s networks, services and applications. With the outlook for the next 12 months likely to present both familiar and completely new risks, organisations that fail to review and – where necessary – modernise their cybersecurity strategies are likely to see their levels of vulnerability increase.

In a world of unknowns, this is crucial for organisations that want to focus on building a comprehensive security stack that keeps ahead of the evolution of cybersecurity risks. It also forms part of a rounded security strategy in which forward planning is combined with effective technologies to significantly reduce the risk both before and after a security breach.

The UK/US cybersecurity partnership is a testament to the strength of the transatlantic security and intelligence alliance. As world-leading cyber powers, a combined effort between both countries will see each benefit from this partnership and will better protect our connected nations and beyond. This will offer a crucial foundation for organisations across both public and private sectors to meet the cybersecurity challenges they will inevitably face in 2022.

Browse our latest issue

Intelligent CISO

View Magazine Archive