How nations, enterprises can lead cyber defense
As the cyber threat landscape continues to evolve, it’s imperative that nation states act now to put in place cyber defenses to protect themselves from the most advanced threats the world has to offer. At GISEC 2017, BT will be discussing global pressing issues in cybersecurity, including; how nation states and enterprises can lead cyber defense. BT has always been at the forefront of cyber security development as an essential part of protecting its global network. And, as BT’s expertise has evolved, they have shared knowledge with UK government and some of the largest business organizations in the world. They’ve distilled all this insight and proficiency into practical functionality that can give all enterprises and nations the cyber defense they need.
How is the global threat landscape changing?
The recent worldwide WannaCry ransomware attack is a stark reminder of the increasingly dangerous and fast-developing world of cybercrime we all live and do business in. Every business, financial institution, telecoms provider, energy company and government should now consider itself to be under threat from cyber criminals’ intent on causing devastation for gain. This ever-growing network of cyber criminals is intent on developing the most advanced attack methods to penetrate your systems. And, increasingly, nation states are employing these hacker services to damage other governments and influence political outcomes.
We need to respond to this. Those of us with national responsibilities, the leaders of nationally-important businesses, and major institutions, need to unite to fight. We need to lead a defense strategy against this cyber warfare at a national level, bringing the best minds and tools together to protect your assets and serve the national interest. We all know that the cyber defense landscape is one of constant change, but 2016 saw a seismic shift in attack methodologies, threat actors, means, motive and opportunities.
Throughout 2015, identity theft and ransomware exploitation pay-rolled heavy criminal investment in new technology, new attack vectors and new, increasingly complex exploits. On the back of this growth, and due partially to geopolitical influences, cyberattacks in 2016 changed motives. The most advanced attackers moved to acquire a greater wealth: power. As a result, we’ve seen wave after wave of serious attacks designed to display, acquire or leverage power. Nation states are flexing their cyber powers, and displaying a disturbing willingness to escalate their actions to cause major nation-state-level threats. Relatively unsophisticated countries are revealing the ability and determination to use cybercrime to fund national developments such as nuclear weapons.
How can this be prevented at the national level?
The only effective response to this level of cyberattack is a major step up in cyber security to give us national-level insight and oversight that will work closely with industry and government. We need to develop a cohesive, multi-layered and sophisticated national cyber defense capability. It starts by establishing a focus for its national cyber defense capability, by creating a National Cyber Security Centre, or Capability (NCSC), such as the ones in the UK and in the Kingdom of Saudi Arabia, in addition to the cyber security centre in Dubai.
A NCSC then begins a significant period of strategy, policy creation and technical direction setting all alongside working closely with its nation’s industry. It’s vital that government, critical infrastructure and industry forge strong and effective relationships to share relevant information and, together, make decisions that help detect, deter and (ultimately), defeat them at source. In fact, the NCSC in the UK played a vital role in coordinating a response to the WannaCry attack - so it’s clear that they’re effective. A national cyber defense capability ideally divides its organization into the four key operational domains of intelligence, forensics, threat monitoring and information sharing.
What is the role of large enterprises in preventing cyber threats?
We all accept that business plays a key role in determining the success of a nation, and that national decisions impact on business; this interdependence now extends to cyber security. Cyber security has stepped beyond the realm of pure cyber security specialists. Key decision makers need to understand what data the NCSC will require, as well as how to maintain and follow the guidance and policies provided. You need to be ready to action NCSC-generated intelligence, to respond and defend with agility, in order to help the NCSC identify threats that could devastate businesses like yours. This spirit of shared enterprise makes it much easier for organizations like yours to scale up their cyber security measures, since the approaches taken by the NCSC provide a template to follow to develop a multifaceted, highly-responsive cyber defense capability.