“I do think that’s the number one problem with mankind,” calling cyber attacks a bigger threat to humanity than nuclear weapons. – Warren Buffett
His talent for predicting the stock market has seemed to carry over to the cybersecurity space, given Buffett made this statement at Berkshire Hathaway’s annual shareholder meeting just before this spring’s WannaCry devastation.
The government appears to be heading Buffett’s warnings with Trump having just signed an executive order on cybersecurity, aimed at:
- Agencies employing the NIST framework
- Holding departmental secretaries and agency directors accountable for security
- Promoting a government-wide initiative to modernize IT to include more secure systems
- Recognizing the need for transparency around cybersecurity disclosure
Additional government indicators:
- New SEC Chairman, Jay Clayton, has thrown his support behind a Senate bill that would require companies to disclose whether their board of directors has a cybersecurity expert.
- There’s a push for every regulatory authority in the financial, energy and healthcare arenas to have a senior leader overseeing and coordinating security policy and execution. The SEC appointed their own in June 2016 when they brought on Christopher Hetner, former cybersecurity chief at E&Y and GE Capital, as senior adviser on cybersecurity.
- Trump’s pick for Treasury Department general counsel, Brent McIntosh, co-leads the cybersecurity practice at international law firm, Sullivan & Cromwell LLP.
This is a significant amount of government activity around cybersecurity. And rightfully so. Begs the question, are you doing enough?