Cybercrime: most likely that word makes you nervous at the prospect of a drained bank account or a little anxious about the threat of identity theft. But what if the intent of a devious hacker was to alter the rate of your friend’s pacemaker or to deliver lethal doses to American diabetics using internet-dependent insulin pumps? What if the cybercrime resulted in a news blackout or an actual “fake news” story declaring an American city was under siege?
Fighting cybercrimes is a burgeoning and all-inclusive business today. For Lockheed Martin, the company just named the primary contractor for the Department of Defense Cyber Crime Center (DC3), it recently translated into a $347 million contract. Lockheed has just been commissioned to manage the investigation of criminal and counterintelligence events for the next five years. DC3 provides services to many government agencies including the FBI, Homeland Security, The Defense Security Agency and the U.S. Cyber Command. The contract award was based on Lockheed’s analytical and forensic expertise as demonstrated with the government since 2012.
To guard against all the potential cyber threats to their way of life today, the government must remain proactive in cybersecurity management and alerts. For example, the FDA has issued a 30-page guidance report (i.e., new rules) for medical device manufacturers and hospitals, outlining programmatic security recommendations for identifying and addressing “post-market cyber-vulnerabilities”. This is of great concern to the medical field, since internet hackers could conceivably affect insulin pumps, pacemakers, imaging systems, and other internet-reliant devices.
Protecting instruments from being hijacked is complicated and beyond the expertise of most medical device manufacturers, who are more interested in making tools that work than they are in learning about counterespionage measures. To help, the National Cybersecurity Center of Excellence collaborated with the University of Minnesota’s Technological Leadership Institute to draft the “National Institute of Standards and Technology’s Cybersecurity Practice Guide, Securing Wireless Infusion Pumps in Healthcare Delivery Organizations.” In the future, we can expect that many universities will be receiving many more federal dollars to invest in this type of research.
Meanwhile, here’s a twist on conventional thinking — private enterprise is now offering to fund government workers who want to start their own cybersecurity businesses. Because hacking and cyber espionage experience and talent in the greater Washington area outpaces most private company learning curves, DataTribe has situated new business incubator offices in Silicon Valley and Maryland. It is pledging up to $3 million in startups created by government workers looking to go entrepreneurial.
DataTribe, based in Fulton, Maryland, manages a $35 million investment fund created to guide cybersecurity startups toward an initial public offering or acquisition. So far, Dragos, Kasala and Enveil have signed on. More entrepreneurs are being recruited in the areas of cybersecurity, analytics, big data and big data management. The carrot for leaving the security of a government job is up to $1.5 million in seed or A Round funding is being offered to qualifying startups.
Cybercrime is a world threat today, and safeguards come at great cost to keep our citizenry safe from emerging threats from invisible sources. True security measures will demand collaboration between the best university, private sector, and government thinkers, and our continued support — the tax-paying beneficiaries.