| Written By Seungmin (Helen) Lee | The country was able to limit the impact of AI-generated deepfakes during its recent National Assembly elections. What can other countries learn from its experience? On April 10, South Korea held its 22nd National Assembly elections, which resulted in the Democratic Party (DP) winning 175 out of 300 seats and the ruling People Power Party (PPP) winning 108. The voter turnout of 67 percent was the highest in 32 years.
| Written By Seungmin (Helen) Lee | In December 2014, the Democratic People’s Republic of Korea (DPRK or North Korea) cyber group Kimsuky conducted an attack on the Republic of Korea’s (ROK or South Korea) Korea Hydro and Nuclear Power (KHNP), leaking personal information of 10,000 employees, reactor blueprints, manuals, electricity charts, radiation methods and more.
| Written By Gregory Rattray and Seungmin (Helen) Lee | With the issuance of its 2022 National Security Strategy (NSS), Japan recognized cybersecurity as an area of priority concern. The process of implementing the NSS activities provides a unique opportunity for increased US-Japan cyber cooperation. Historically, positive diplomatic declarations of collaboration have occurred along with technical coordination within the computer emergency and response team (CERT) community. Yet, limitations exist in operationalizing the partnership at the national security level.
| By Gregory Rattray, Rico Brandenburg, and Matthew Gruber | The success of the resilience program hinges on getting front-line (business and support functions) buy-in, as the front line owns the delivery of the service. One of the biggest challenges with traditional business continuity is that business continuity activities (for example, business impact analysis, business continuity planning) have not received the time and attention they deserve.
Stress testing has become a tool of choice in banking for risk managers and regulators alike, and it is used more widely as a way to assess resilience to severely adverse events. Yet even the most creative risk manager would have been challenged to design a scenario that would have adequately captured the plethora of shocks that manifested from early 2020 to the present (April 2023). We make use of the polycrisis concept to motivate a rethinking of stress test design.
| Written By Gregory Rattray, Geoff Brown, and Robert Taj Moore | Russia’s further invasion of Ukraine in February 2022 was a watershed moment. Governments, citizens, and companies faced a choice—they could support Ukraine in its fight to defend its independence or they could sit back while Russia destroyed the post-war order that has stood since 1945. On an unprecedented scale, a major nation-state had engaged in coordinated, convergent digital and physical attacks in an effort to conquer a neighboring country.
They call themselves the Cyber Defense Assistance Collaboration (CDAC), and it is the brainchild of Greg Rattray, a former chief information security officer at JP Morgan Chase. For months, he has been helping build a kind of public-private partnership to combat destructive cyberattacks. This is the first time he’s speaking in depth about the initiative publicly.