Secretary Nielsen said the danger of a cyber attack exceeded that of a physical attack on the US ©Department of Homeland Security
Secretary Nielsen said the danger of a cyber attack exceeded that of a physical attack on the US ©Department of Homeland Security

US forecasts cyber ‘hurricane’

2 August 2018

Businesses in the US need to prepare for a cyber “hurricane”, the secretary of homeland security has warned.

Secretary Kirstjen Nielsen said the danger of a cyber attack “now exceeded the danger” of a traditional, physical attack on the nation and she called for more cooperation between the public and private sectors.

She announced the creation of a National Risk Management Center (NRMC) to centralise the government’s response to cyber threats and improve collaboration with the private sector.

The annoucement comes just a few days after a US intelligence report warned firms of hackers were targeting software supply chains.

Speaking at the National Cyber Security Summit this week, Nielsen said: “We are in crisis mode. The cat five hurricane has been forecast and now we must prepare.” Category five is the most severe classification used in the US.

She added that individuals, industries, infrastructure and institutions were all targets and listed a number of recent incidents including Russia’s interference in the presidential election, the WannaCry attack that affected businesses and organisations internationally and other high profile data breaches.

“I believe that cyber threats collectively now exceed the danger of physical attacks against us,” she said.

NRMC marked a move away from a focus on individual assets and companies to a cross-sector outlook. She said it would focus on looking for weak points or “concentrated dependencies” that would have a “ripple effect” if compromised. It would also aim to improve collaboration between government, the private sector and individuals and speed up the sharing of information to “help connect the dots” on cyber threats.

She compared the centre to a 911-style emergency number for cyber attacks. “The best thing to do would be to call this centre,” she said.

NRMC will start by focusing on financial services, telecommunications and the energy sectors and aims to have completed a joint risk assessment within 90 days.

Nielsen also announced the launch of voluntary supply chain risk management programmes, and said the Department of Homeland Security would be partnering with companies to “hunt down unseen security weaknesses and to limit our attack surface”.

☛ Want to stay up to date with the news? Sign up to our daily bulletin.

£75,000 - £90,000 + fantastic bonus package
Evolve Commercial Ltd
United Kingdom
£55,000 - £65,000 + fantastic bonus package
Evolve Commercial Ltd
CIPS Knowledge
Find out more with CIPS Knowledge:
  • best practice insights
  • guidance
  • tools and templates