The fourth installment of “Ripped from the Headlines with Andrea Bonime-Blanc” focuses on the business implications from what appears to be a quieter (but certainly no less active and potentially more ominous) global cyberwar.
This is the third issue of “Ripped from the Headlines with Andrea Bonime-Blanc” a collaboration between Athena Alliance and GEC Risk Advisory in which we summarize without attribution some of the learnings and take-aways from a a headline news story of great significance to our members discussed at our monthly “Ripped from the Headlines” Salons and which we share here for all to benefit from.
Let us know what you think on the LinkedIn version of this newsletter!
I began the conversation by presenting recent headlines from several reliable sources (including the Wall Street Journal, the New York Times, Axios, Reuters) about Chinese state-backed hacking of US Treasury computers and China’s acknowledgment of its role in US infrastructure hacks. I also touched on the ongoing Salt Typhoon, Volt Typhoon cases and a recent case in which surreptitious communications devices were found on installed solar batteries. I also covered the controversy surrounding the Trump Administration national security team’s use of Signal for secret group communications, their switch to Telemessage—a commercial communications app generally considered to be even less secure than Signal. We also touched on recent cyber incidents involving cryptocurrency exchanges (Coinbase) and retail chains (UK’s Marks & Spencer), emphasizing the importance of cyber resilience for any type of organization.
The meeting covered a range of topics related to cybersecurity, with a focus on current threats, government policies, and business preparedness. Participants discussed the increasing frequency and sophistication of cyber-attacks, particularly those targeting critical infrastructure and government systems, the convergence of the physical, virtual risk and social engineering spaces in heightening cyber-insecurity, as well as the challenges faced by businesses in responding to this continuously morphing threat landscape. The conversation touched on the importance of cyber resilience, data protection strategies, and the potential impact of emerging technologies like quantum computing and AI on cybersecurity with important practical take-aways for us to implement.
The group discussed the role of state and local authorities in addressing cyber threats, particularly in light of emerging policy trends that suggest a potential shift of some cybersecurity responsibilities from federal to local jurisdictions. Participants raised concerns about the growing capabilities of state-sponsored hacking groups—such as the Iranian-based Cyber Av3ngers—which have been linked to disruptive attacks on industrial infrastructure globally. While decentralization of cyber responsibility may encourage localized responsiveness, it also introduces significant challenges, particularly given the limited resources and cybersecurity expertise often found at the state and municipal levels.
Also discussed were some of the recent developments, including a power outage in Spain and Portugal (not ascribed to being caused by a cyber-attack but nevertheless under investigation), deepfake scams, and the potentially existential impact of quantum technology on de-encrypting all encryption that exists today. I highlighted the convergence of cyber, social engineering, and social media in creating sophisticated online scams. On that note, I recommended a podcast series by The Economist called Scam Inc. that explores these multifaceted, converging threats and scams.
We examined recent data highlighting the growing threat of cybercrime to critical infrastructure, citing sources such as CrowdStrike. Notably, global cyber actors—including China, Russia, Iran, and North Korea—were identified as key players, while the U.S. accounted for only 2.3% of attacks.
Also noted was a significant increase in cybercrime costs, from $3 trillion in 2015 to a projected $10 trillion in 2024. Participants reflected on the broader implications of the Trump Administration’s cybersecurity policy changes, including shifts toward deregulation and reduced enforcement. There was concern about how these trends might weaken the US technology protection posture and have serious potential implications for the business community.
The participants discussed the increasing frequency of cyber-attacks and the challenges companies face in reporting them to authorities under new SEC regulations. A participant expressed concern about the lack of clarity regarding which government agencies companies should contact in the event of a cyber-attack, highlighting the need for better guidance from federal and state governments. I suggested that board members should consult with their management team, including the CEO, general counsel, chief risk officer, and chief information security officer, to better understand and address these issues.
A participant expressed concerns about cybersecurity threats to national infrastructure, particularly in the context of recent deregulations and potential vulnerabilities in sectors like energy and transportation. We discussed the impact of reduced funding and resources on critical infrastructure, including air traffic control, and warned about the potential for cyber warfare from adversaries already embedded in U.S. infrastructure systems. Participants acknowledged the growing risks and discussed the challenges of responding to cyber threats in real-world scenarios, with one participant noting the longer recovery times needed for companies to come back from a serious cyber event.
A knowledgeable participant emphasized the importance of having alternative sources and backup plans to enhance resilience against cyber threats and natural disasters. She highlighted the need for the business community to step up and urge the government to support core functions like defense, while also advocating for cyber insurance as a proactive measure for small businesses and nonprofits. A participant shared her experience managing a crisis during a power outage, stressing the value of having a well-prepared crisis management plan, which she implemented after 9/11. Both participants agreed on the necessity of tabletop exercises to prepare for potential cyber threats and emphasized that companies often wait until a major incident occurs to take action.
The group discussed the implications of the recent DOGE take-over of several federal agencies and departments which has significantly increased vulnerabilities for not only the government, but for both businesses and individuals. Several participants were concerned that the DOGE work within the federal government could have the potential of being the largest cyber-attack on the US Government, with unprotected or easily accessible data being potentially exploitable by various nefarious domestic and foreign actors. A participant emphasized the importance of focusing on controllable measures such as building resilience, conducting tabletop exercises, and ensuring backups, rather than challenging the administration directly. The discussion concluded with a recognition of the need for businesses to prepare for potential future cyber incidents, though collaboration among businesses seems unlikely for now.
The group discussed cyber security challenges, with a participant sharing details about an upcoming cyber tabletop exercise in Northern California featuring FBI representatives and cyber insurance experts. A participant highlighted the importance of cyber security services for small and medium-sized businesses, mentioning a cyber expert named Tara Wheeler who specializes in helping smaller organizations. Another participant shared insights from a conversation with a cyber expert at one of the Magnificent Seven technology companies who expressed concerns about the intersection of quantum computing and AI in cyber security, comparing current protection methods to lions protecting zebras.
Two participants discussed the potential impact of quantum computing on cybersecurity, expressing concern about the lack of preparation and resources for many companies. Another participant shared insights from a tour of New Jersey’s Cyber Command Center, highlighting the complexity of law enforcement coordination at various levels and the need for better understanding of overlapping responsibilities. The participants emphasized the importance of local law enforcement’s reliance on federal agencies like the FBI, while acknowledging potential challenges in less affluent areas.
The group discussed cyber resilience and data protection strategies, with one participant emphasizing the importance of identifying and protecting “crown jewels” within an organization. Additionally, a participant suggested that companies leverage free resources from prime contractors for cybersecurity training. I shared insights from a 2015 Conference Board report I wrote on “Emerging Practices in Cyber-Risk Governance”, noting that basic cybersecurity practices remain pretty similar to a decade ago and are crucial despite advancements in quantum computing and AI.
The participants contributed a variety of useful tips and practices which can be summarized as follows:
I ended the presentation by including a link to my Conference Board Research White Paper titled “Emerging Best Practices in Cyber Risk Governance”” which though 10 years old still holds in its 10 recommendations for good cyber governance. Link to read here.
© Athena Alliance 2025