International law, while informative, does not spell out how nations (or companies under their jurisdiction) should go about enhancing their cybersecurity to account for emerging due diligence obligations. As a result, it's helpful to consider what leading nations and firms are doing in this regard.
If the first 15 years of the 21st century were defined by the so-called Axis of Evil -- the phrase George W. Bush applied to Iraq, Iran, and North Korea for their support of terrorists -- the next 15 years will likely be defined by the Access of Evil, as state and non-state cyberterrorists use technology to bypass our defenses in ways that damage businesses, lives, and nations.
A small, poor nation, the Democratic People's Republic of Korea should be an international nullity, irrelevant to global affairs. Yet it again dominated headlines in the U.S. with the hacking of Sony and cancellation of the broad release of the movie The Interview, a comedy featuring the assassination of the younger Kim.