SecureWorks outlines ten tips to help nations ensure that they are protected against the threat of cyber-espionage.
“Since IT has become such a critical component of national infrastructures which support government, commerce and the military activities, any cyber-attack that disrupts the flow of information, or successfully combines a physical and electronic assault on the system, could effectively compromise an nations’ ability to operate. As a result, nations have debated the need for a national “intranet’ that would support critical infrastructures such as finance, utilities, health and transportation.” Said Jon Ramsey, CTO of SecureWorks.
To ensure nations are fully protected against any type of attack, SecureWorks recommends the following measures are implemented:
1. Partner with information security experts to fully understand the threat landscape while leveraging their visibility across their entire client base.
2. Know which assets need to be protected and the associated operational risk of each.
3. Know where your vulnerabilities lie.
4. Fix or mitigate vulnerabilities with a defense-in-depth strategy.
5. Understand the adversaries evolving tactics, techniques, and procedures allowing you to reshape your defensive countermeasures as required.
6. Be prepared to prevent an attack or respond as quickly as possible if you are compromised.
7. While prevention is preferred; rapid detection and response is a must.
8. Have a fall-back plan for what you will do if you are victim of cyber war.
9. Ensure critical infrastructure suppliers have not been compromised and have safeguards in place to ensure the integrity of systems provided by these suppliers.
10. A nation’s critical IT infrastructure should not be totally reliant on the internet but have the ability to operate independent if a cyber security crisis arises.