Rebecca Zisser / Axios

Endgame's chief social scientist Andrea Limbago breaks down the most critical cybersecurity issues threatening both the U.S. and the world today. From Russian meddling in the U.S. election, to the global WannaCry ransomeware attack, Limbago says we need to start getting serious — fast — about implementing stronger cyber policies and protections, before a catastrophic attack causes irreparable damage.

The broad view: Limbago is adamant that the size and scale of future cyber attacks will only intensify, but she's confident there are defenses that can be built, as long as society accepts the fact that more sophisticated and targeted attacks are coming. "We can't pretend it's not out there anymore," said Limbago. "We need our policies to step up to the modern reality."

Most security experts say you should "assume you will get hacked" — that it's inevitable. But what can companies do in place of that? Both from a user policy perspective and in regard to tech precautions?

Cyber security issues have been around longer than we give them credit for, and we really should have more policies in place by now. For the private sector, you can assume that you're going to be under attack, I think that's a safe assumption and we've seen that, but that does not mean you should throw your hands up in the air and just give up. They need to start taking the defensive aspect (such as education and installing protective software) much more seriously, and I don't think that's really happened yet.

As for the policy side, we haven't really gotten anywhere. For instance, the executive order that just came out. What we really need right now is an integrated policy. John McCain has been very vocal about this and I tend to agree with his point on cyber policy. We're kind of still running around without any guidance in that area, and that's why there has been zero sign of deterrence so far.

Do think Trump's cyber executive order has put a dent in the work that needs to be done in regard to cyber security?

The EO should've been more, it's kind of vanilla. There is nothing terribly provocative about it. On the one hand it's good because you have a proposal that finally starts to prioritize cyber security... but we're at the point where incremental assessments aren't what we need. We need more of a paradigm shift, and that's where policy can come in, as well as integration into larger, strategic outlooks.

What will it take for individuals, organizations, and the government to really get serious about cyber?

I wish I was more optimistic on this, but I do think it will take a pretty big attack. I almost feel that WannaCry was a testing ground... one theory is that that's actually what it was, a test to see how people would respond and how widespread it would be. Not that that's true, but if it were, it worked. You saw how organizations responded, how unprepared so many were. The US generally got off pretty light on that, so we were lucky, but just imagine if WannaCry had hit the US really hard, if it had hit our hospitals really hard.

At the end of the day, even though WannaCry made the 24-hour news cycle, it quickly peered off again. So, I think it would have to take something really large, something truly impacting the US. I hope it doesn't come to that, but honestly I don't see that happening right now.

Are consumers losing trust in some of the digital platforms they rely on so much?

I think that they're losing trust but I'm not sure it's changing their behavior. I think the public is less inclined to trust both the government to protect their data, but also increasingly now some of the big companies like Google and Facebook that actually own the data. I still think there's going to be a divide between the tech-savvy, the people who just really get it, and those who don't. I also think a lot of people think that even if they were to stop sharing so much, the data is out there already... so they just give up.

What's your biggest takeaway from the recent attacks we've seen? What should we learn from them?

On the one hand, there's been an appropriate focus on Russia, and that needs to continue. But with what Russia is doing, it's important to keep in mind that those kind of tactics and techniques are available to other actors as well. It's not just the Russians we need to watch any more. While our policies, some of which are 30 years old, were made to counter one threat, our response should not be to just solely focus on the Russia threat, but learn lessons on what they have done. Other actors — we saw it with WannaCry — are going to take their approaches to achieve whatever their own objectives are.

Go deeper

Updated 7 hours ago - Politics & Policy

Trump's Tucker mind-meld

Photo illustration: Sarah Grillo/Axios. Photo: Roy Rochlin/Getty Images and BRENDAN SMIALOWSKI/AFP via Getty Images

If you want to understand the rhetorical roots of Trump's Independence Day speech at Mount Rushmore, go back and watch Tucker Carlson's monologues for the past six weeks.

Between the lines: Trump — or rather his speechwriter Stephen Miller — framed the president's opposition to the Black Lives Matter protest movement using the same imagery Carlson has been laying out night after night on Fox.

Updated 9 hours ago - Politics & Policy

Coronavirus dashboard

Illustration: Aïda Amer/Axios

  1. Global: Total confirmed cases as of 6 p.m. ET: 11,366,145 — Total deaths: 532,644 — Total recoveries — 6,154,138Map.
  2. U.S.: Total confirmed cases as of 6 p.m. ET: 2,874,396 — Total deaths: 129,870 — Total recoveries: 906,763 — Total tested: 35,512,916Map.
  3. States: Photos of America's pandemic July 4 ICU beds in Arizona hot spot near capacity — Houston mayor warns about hospitals
  4. Public health: U.S. coronavirus infections hit record highs for 3 straight days.
  5. Politics: Former Trump official Tom Bossert says face masks “are not enough”
  6. World: Mexican leaders call for tighter border control as infections rise in U.S.
  7. Sports: Sports return stalked by coronavirus
  8. 1 📽 thing: Drive-in movie theaters are making a comeback.

Bolton's hidden aftershocks

Photo illustration: Sarah Grillo/Axios. Photo: Justin Sullivan/Getty Images

The news media has largely moved on, but foreign government officials remain fixated on John Bolton's memoir, "The Room Where It Happened."

Why it matters: Bolton's detailed inside-the-Oval revelations have raised the blood pressure of allies who were already stressed about President Trump's unreliability.