Cybersecurity report: All countries lag behind the bad guys
The new report from McAfee and SDA ranks Finland, Sweden and Israel as the countries most prepared for cyber-threats
IDG News Service - The U.S. and U.K. are relatively well prepared for cyberattacks, compared to many other developed nations, but everyone has more work to do, according to a new cybersecurity study from McAfee and Security & Defence Agenda (SDA).
The report, which ranks 23 countries on cybersecurity readiness, gives no countries the highest mark, five stars. Israel, Sweden and Finland each get four and a half stars, while eight countries, including the U.S., U.K., France and Germany, receive four stars. India, Brazil and Mexico ranked near the bottom.
No country is ahead of cyberattackers, said Phyllis Schneck, CTO of the public sector for McAfee. The bad guys are "faster and swifter" than the good guys, she said.
Cybercriminals don't have to wrestle with legal and policy questions and freely share information with each other without worrying about competitive issues, she said. "We're up against an adversary that has no boundaries, and we have to go to meetings and write reports to put data together," Schneck added. "We're at a huge disadvantage."
SDA, a cybersecurity think tank in Brussels, interviewed 80 cybersecurity experts for the report and surveyed an additional 250. Fifty-seven percent of survey respondents said they believe a cyber arms race is happening, and 36 percent said they believe cybersecurity is more important than missile defense. Nearly half, 45 percent, said cybersecurity is as important as border security.
A common theme among the cybersecurity experts was a need for real-time global information-sharing about cyber-threats. Cyber-experts have long called for the better sharing of information among companies and between private businesses and government, Schneck said, but the report opens up the idea of new global agreements -- short of difficult-to-approve treaties -- that can lead to information sharing.
Countries can work together to establish information-sharing "rules of the road," Schneck said. "While you can't have a free for all -- just throw it all out there -- there should be a way to take the most egregious information and make it actionable by a man on a machine."
Companies are worried about endangering their customers, lowering their stock prices and other problems that come from sharing too much information, she added. "I think every rational person on the planet would agree that, if you put all our information together, we get a better threat picture," she said. "By the time we figure out the crumb that we can share, it's no longer even valuable."
But real-time information sharing is one way legitimate groups can gain an advantage over cyberattackers, Schneck said. "That's what the adversary cannot do," she said. "The adversary does not own the network infrastructure; the good guys do. They can't do anything real time, as far as putting data together, we can."
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts