Understanding the Cyber-Weapons Arms Race and your risk

It’s time to examine your IT budget allocations

If anyone still needs convincing that cyber threats merit focused attention from business leaders, look no further than the 2021 Financial Times and McKinsey Business Book of the Year. Nicole Perlroth’s in-depth analysis and walk through the secretive cyber exploits market in This Is How They Tell Me the World Ends: The Cyber-Weapons Arms Race should be required reading for anyone in the position of examining and prioritizing business decisions, including IT budget allocations. 

Policymakers, Big Tech leaders, and the hackers that often spur them to action are making decisions that affect the security and operations of U.S. companies of all sizes. The software and online services on which many companies rely to conduct their daily business are prime avenues through which nefarious actors—whether backed by nation states, criminal groups, or a lone enterprising individual—can disrupt business operations. 

Disruption is the name of the game. Sometimes it is in pursuit of a payday and other times it’s to garner information or access to benefit other goals. No matter how rote or inconsequential the business operations may seem in the grand scheme of things, neither serves as a form of information security. Anyone connected to the internet is part of the game, regardless of their interest level.

Perlroth introduces the uninitiated into the world of cyber exploits, the markets for “zero day” software vulnerabilities, and the ongoing geopolitical dance among countries to both limit the use of ever-expanding cyberwarfare tools and maintain a competitive arsenal. All of this, combined with the permeability of most company networks and databases—not to mention government agencies—is a resounding call for even the most tech-averse individuals to start asking questions of those they entrust with the security of their information and operations.

Cyber-weapons are a world-wide threat

The shifting cyber threat landscape for businesses and communities from Middle America to the coasts, Perlroth emphasizes, has a direct correlation in many cases to the U.S. foreign policy decisions made by elected leaders. Businesses do not have to be prominent U.S. or global players to have the dubious distinction of being singled out by hackers dispatched at the behest of a nation state responding to a U.S. policy action (or lack thereof). Ultimately, businesses and citizens often fall victim to the shifting tides of diplomatic relations brought to bear by changes in policies, leadership, and the priorities of the day. 

Businesses and the stakeholders that hold them accountable, need to prioritize information security discussions on their already full agendas. It may be daunting, but a glance at newspaper headlines reporting yet another ransomware attack or data leak, and most certainly the pages of This Is How They Tell Me the World Ends, should spur action. U.S. national security and business competitiveness depend on it.

Collective problem solving is our forte at Grayline. Whether you are seeking to better understand cyber threats specific to your business or industry, need in-depth analysis of geopolitical risks to inform your decision making, or want assistance with identifying a starting point for prioritizing information security, Grayline is here to help.