We don't have any real regulations, nor any real teeth to compel private interests to secure and protect their computer systems properly. The ones that do have been burned by breaches or been fined in a SOX or HIPPA audit that exposed critical lapses in standards and basic protections. But note, all of that is reactive.

This is how Capitalism works, its fine until it nearly kills you, then you do something about it. Russia's oligarch system doesn't have this problem. Nor does China. Both of these are the ones banging on our doors.

We are at a disadvantage while our Federal branches dither and private interests don't have a reason (or support) to be proactive about these clear and present threats.

But yes, there are a ton of tech savvy people in the US, but security doesn't pay well, so most of them are doing something more lucrative.

as we are seeing - these hacking attempts are getting more frequent, more destructive and crippling.

It seems to me - just in some of these recent hacks we've experience that it is clear that we need to get proactive about these clear and present threats.

If it's a matter of 'security not paying well' - that has to be addressed and we need to start putting our monies to where we can enlist these tech savvy people before it's too late.

That's a steep hill to climb.

I've been in that room and had those conversations. I've had board members flat out ask me "how much?" then balance the odds of doing nothing, hiding it, and the cost of paying a fine for being pinched.

Because I happen to work in the Financial industry and several board members had already a few strikes on their regulatory records, I was able to argue the cost of proactive security was cheaper than the fines and permanent expulsion from the exchanges when we get pinched.

Because these attacks have been a constant for years. The difference between now and 10 years ago is Nations have weaponized it.

My IT work goes back to the 90s. We saw hacks and malware back then but it was all pointless because there was no real way to monetize it. I worried what would happen if organized crime got involved. They did, in the mid 00's to 10's. That became profitable enough that Nations have noticed and have now gotten in on the game.

We've known for a long time that Russia was in this game. Recall 2008 when Russia invaded Georgia. That 12 day campaign started with a Russian assault on Georgian Internet and before a tank moved, the whole country of Georgia was cut off from the Internet.

This is really serious and only strong leadership from the Executive Branch, with full Federal support and possible nationalization of cyber protections, will give us any chance of defeating it.

Both the Chinese and Russians know how to attack Capitalism. They can and will exploit all the little tiny islands that are corporations compared to the might and resources of those huge nations. They have unlimited manpower, tech and funds to wage these campaigns. Not even Microsoft has that power.

Your statement “I was able to argue the cost of proactive security was cheaper than the fines and permanent expulsion from the exchanges when we get pinched.”

This is of course the right thing to do and glad you got some protective security. How long ago was this?

Last time I had push back like this for a security need was 2009. After the recession it’s been literally open season.

I was on the hardware design side and jumped into security hardware 15 years ago. I am not a billionaire but the money is phenomenal. The work environment is also much better and budgets are really never an issue. The profit margins are very health. I encourage young engineers to focus on getting into the security filed and have help 4 grads get positions. I don’t know a better field in electronics. Yes, I’m just talking about hardware. The software side is even better in my opinion.

Invented the Semiconductor
Invented the Internet
Invented the Operating System
Invented the VAX/Mainframe/Personal Computer/cell, smart and regular phone
Invented the Central Carrier Exchanges, Long Haul Optical, metro and last mile network
The NSA backs up the entire internet 24/7/365

So we did all the hardware and software. Our government has access to everything. It’s like a giant pool where you cannot touch the bottom or see the sides. If you are looking for just one drop of water it can pinpoint it lightning fast.

We have the best hackers in the world. President Biden signed the cyber emergency declaration and that was the formal announcement that things are going to flip. We are on offense now.

This stuff is a on-going conflict that evolves and changes at the speed of computing. "too little, too late" doesn't apply.

What does apply is whomever comes after Biden. If we get a Republican that's on the take with Russia like Trump was, they'll do what Trump did and simply ignore Russia. Then anything we do now, no matter how badass it may be, is meaningless.