|Телеком||ТВ и медиа||Облака||ПО||Кадры|
|ИТ в образовании||ИТ в медицине||Big Data||E-commerce||Спутниковая связь|
|Все новости||World News|
Cyber security: can your business detect and resist a targeted attack?
|25 марта 2011|
The 'serious' cyber attack on the European Commission and External Action Service that was reported day before yesterday (23 March 2011), and the recent breaches of cyber security that have affected many governments, have raised the profile of cyber security and the importance of mitigating the threats.
The UK Government’s Office of Cyber Security & Information Assurance (OCSIA) released a study undertaken by Detica that estimated the cost of cyber crime to the UK economy at GBP27 billion per annum. Typically organisations do not report security breaches because this could have an impact on their business and the confidence of their customers and shareholders. This makes the scale trend of cyber security breaches difficult to estimate and predict, so Detica had to rely on a ‘causal model’.
The number of web users worldwide has exploded from 16 million in 1995 to more than 1.7 billion today. Connecting government and corporate IT systems to the Internet and other networks leaves them vulnerable to a large number of organisations and individuals who could attack these systems. Organisations and governments must protect themselves against focused attacks from highly skilled individuals and groups.
Cyber security attacks can be very sophisticated. Two threat actors undertake the majority of cyber security breaches – national governments and organised crime. Both of these groups have access to skilled individuals with considerable IT resources. Cyber security attacks are heavily researched with the attacker taking significant time and effort looking for weaknesses that could be exploited. When the research is completed, the attackers can craft specialised attacks to exploit the weaknesses identified. Well-configured traditional technical security controls will limit the potential weaknesses of an IT system. However, many traditional security controls work by identifying the signatures of an attack, but because many cyber security attacks are bespoke, these signature-based security controls have their limitations.
Analysys Mason security consultants have investigated a number of major cyber security breaches. Most of these breaches bypassed the installed security controls and were only detected because of side effects suffered to the performance of the IT systems or network, mistakes made by the attackers, or information provided by national security bodies.
Many management boards (of private and public companies) perceive IT security as an unnecessary drain on their resources, and therefore minimise security budgets to ensure nominal compliance with regulations and legislation. The boards of these organisations need to understand the potential impact of cyber security and ensure they invest the appropriate budgets to achieve an adequate level of security to mitigate the risk, enabling their organisations to deter and resist cyber security attacks.
To combat cyber-security threats, organisations have to significantly change their attitude to IT security. Organisations need to focus on their security strategy, which should include:
- pro-active vulnerability identification and patching of IT systems
- the deployment of a range of security controls – layering security throughout their organisations
- constant security monitoring, logging and alerting to detect cyber-attacks in real time
- robust security hardening of all IT systems
- understanding what is normal activity on their network and IT systems, so when the activity changes outside the baseline it can be investigated
- tried and tested crisis management, security incident management strategy and plans
- regular penetration testing of all IT systems not just the Internet-facing systems, including resolving all the issues identified
Edward Hamilton, Senior Manager