Trending Now
We have updated our Privacy Policy and Terms of Use for Eurasia Group and its affiliates, including GZERO Media, to clarify the types of data we collect, how we collect it, how we use data and with whom we share data. By using our website you consent to our Terms and Conditions and Privacy Policy, including the transfer of your personal data to the United States from your country of residence, and our use of cookies described in our Cookie Policy.
{{ subpage.title }}
Ranking cyber threats: CISA chief Jen Easterly
Just a few years ago, we were worried about non-state actors like ISIS carrying out major cyberattacks. Is there still a threat?
"Low probability, but high impact," US cybersecurity chief Jen Easterly tells Ian Bremmer on GZERO World. Also, attacks by non-state actors are harder to verify.
The bigger problem, she adds, is the dozen or so states that are using cyber to do sort of lawful things like collecting intelligence, but then go about using such tactics for nefarious purposes.
And we don't have many rules in place to deal with that.
Watch the GZERO World episode: Hackers, Russia, China: cyber battles & how we win
How private businesses help fight cybercrime
The federal government wants to help US businesses better defend themselves against cyberattacks — but little can be done if corporations don't report them.
That's why the Biden administration is championing a new law that forces them to do so, says Jen Easterly, head of the Cybersecurity and Infrastructure Security Agency.
The Cyber Incident Reporting for Critical Infrastructure Act requires whoever operates critical infrastructure to report attacks coming from state and non-state actors.
And that data will "drive down risk in a much more systematic way," Easterly tells Ian Bremmer on GZERO World.
Watch the GZERO World episode: Hackers, Russia, China: cyber battles & how we win
- A (global) solution for cybercrime - GZERO Media ›
- Biggest cybersecurity threat to watch in 2022 - GZERO Media ›
- Will the US be able to withstand cyber attacks on critical ... ›
- SolarWinds hack a wake-up call to the tech sector - GZERO Media ›
- Does Jeh Johnson consider Russia's cyber attack against the US to ... ›
Hackers, Russia, China: cyber battles & how we win
The next decade will be a turning point in the global cyber arms race. And the stakes are very high.
If measured as a country's GDP, cyber crime would now be the world's third-largest economy after the US and China. And it only takes a single password — as Americans learned after the 2021 Colonial Pipeline attack — for cyber crime to cripple a company or humiliate a nation.
On GZERO World, Ian Bremmer speaks to Jen Easterly, director of the US Cybersecurity and Infrastructure Security Agency, tasked with defending the country from all cyber threats — foreign and domestic.
America, she says, has finally gotten serious about protecting itself from cyberattacks. But the federal government still needs cooperation from the private sector, which operates 80% of the critical infrastructure that serves our daily basic needs.
Easterly also digs into how Russia is the urgent cyber threat, though China could do more damage in the long term -- and whether the US is prepared to defend itself from both adversaries.
- Will the US be able to withstand cyber attacks on critical ... ›
- Biggest cybersecurity threat to watch in 2022 - GZERO Media ›
- A (global) solution for cybercrime - GZERO Media ›
- Russian cyber attack could trigger NATO's Article 5, warns NATO ... ›
- Russia's cyber attack: an act of espionage or war? - GZERO Media ›
Will the US be able to withstand cyber attacks on critical infrastructure?
The US Cybersecurity and Infrastructure Security Agency was set up in 2018 to help protect America's critical infrastructure.
It might sound like a technical term, but CISA chief Jen Easterly explains that critical infrastructure is how we get water, power, gas — even food at the grocery store. And 80% of it is operated by the private sector.
So, how does the agency help businesses defend themselves from hackers?
"In cybersecurity, the federal government is just a partner ... so we all have to work together to drive down risk to the nation," Jen Easterly tells Ian Bremmer on GZERO World.
- Does Jeh Johnson consider Russia's cyber attack against the US to ... ›
- Podcast: Lessons of the SolarWinds attack - GZERO Media ›
- SolarWinds hack a wake-up call to the tech sector - GZERO Media ›
- Biggest cybersecurity threat to watch in 2022 - GZERO Media ›
- A (global) solution for cybercrime - GZERO Media ›
- Hackers, Russia, China: cyber battles & how we win - GZERO Media ›
Impact of Microsoft hack deepens; why cyber attacks target healthcare
Marietje Schaake, International Policy Director at Stanford University's Cyber Policy Center and former European Parliamentarian, shares insights on the latest news about big tech, privacy protection and emerging trends in cyberspace.
What is the deal with the recently revealed Microsoft hack?
Well, it's the second hack of historic proportions after SolarWinds. At first, it was considered a targeted Chinese effort to go after individuals critical to the state. But last week we saw escalations with victims now estimated in the tens, if not hundreds of thousands. And the US government CISA called on all organizations in all sectors to follow guidance and to patch the vulnerabilities that are being exploited, even if that does not stop already gained access by hackers.
Why is the healthcare sector increasingly a target for cyberattackers?
Well, sadly, because it's too lucrative. People share sensitive data with doctors and hospitals, and criminals as well as state hackers are after money, by holding the data ransom or by going after key information, for example, about COVID-19 vaccines. So, it's crucial to increase the price that perpetrators pay for their actions. The accountability gap really needs to be closed. And the CyberPeace Institute, where I serve as president, just released, fresh off the press, a new report mapping the methods, but also giving policy recommendations. The report is called "Playing with Lives: Cyberattacks on Healthcare are Attacks on People." And I think the report answers the why and how of cyberattacks on healthcare better than I can.
- Hackers shut down US pipeline ›
- Would you pay a cyber ransom? - GZERO Media ›
- Cloud computing and US cybersecurity - GZERO Media ›
- US & allies unite against China's cyberattacks - GZERO Media ›
- QR codes and the risk to your personal data - GZERO Media ›
- Is a Huawei ban possible in Brazil? Poly Network cryptocurrency heist - GZERO Media ›
Assessing the damage from the Russian cyber attack
Experts are still trying to assess the scope of Russia's cyber attack against the United States. But even without all the details in, former Homeland Security Secretary Jeh Johnson provides a sense of the damage: "If one assumes that this was espionage, then the Russians know a lot more about people like you and me or people in government or our capabilities or what we are talking about within government or within some of the more sophisticated elements of the private sector." Johnson's conversation with Ian Bremmer was part of the latest episode of GZERO World.