A second area of focus must be in the way we understand and address threats. The threat landscape has evolved dramatically in the past three years: Starting in 2008 with the growing ability of viruses and malware to evade anti-virus signature technologies; to the pandemic scale of attacks launched by criminals in 2009 for profit; to more sophisticated attacks organised by nation states in 2010.
In 2011 we must also defend against the potentially catastrophic danger of Advanced Persistent Threats perpetrated by non-state actors and terrorists. By manipulating control systems in critical infrastructure facilities, Stuxnet was the first Trojan to cross the chasm from the digital realm into the physical world. Stuxnet foreshadows what the future of cyber warfare or terrorism might hold and is the reason that next generation infrastructure initiatives like smart grid must have security embedded. According to researchers from IEEE SmartGrid Comm2010, the smart grid will offer up to 440 million potential points to be hacked. Stuxnet is a wake-up call to a very real and present danger and a stark reminder of the need for collaboration not only among businesses but between nations in an increasingly interdependent world.