Cyber Primer
AEWhbF
AEWhbF
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Integrating cyber operations<br />
when planning against cyber attacks a wider, systems view is taken<br />
of potential problems and their solutions. For example, there is little<br />
value in protecting a critical computer controlling the fuel pump to<br />
the ship’s engines if the logistics systems are attacked to provide false<br />
fuel states. The entire system needs to be protected.<br />
b. Security personnel. Operators of a computer system may not<br />
be best placed to apply cyber security to that system. Key security<br />
personnel (identified in advance) should be on a readiness rota.<br />
They should maintain links to the appropriate security procedures<br />
and teams (for example, CERTs and warning and reporting points<br />
(WARPs)). It is not uncommon to need to contact manufacturers or<br />
suppliers of a computer system when a cyber attack occurs. Contact<br />
lists should be maintained and the process tested. Again, business<br />
continuity plans must be maintained and practised.<br />
c. Recovering from malware attacks. Malware is notorious for<br />
remaining in a system even though it appears to have been removed.<br />
Thorough cleansing is often a matter of opinion of the operators<br />
rather than a proven fact. Maintaining and installing verifiably clean<br />
backups, held off-site in a secure location, should be practised as part<br />
of normal operations. Attacks, and suspected attacks, should always<br />
be reported through the local chain of command.<br />
4.17. Exercising the capability. <strong>Cyber</strong> needs to be exercised in the<br />
mainstream along with other capabilities so that users can develop<br />
understanding and resilience. Frequent, detailed and well-rehearsed<br />
actions in response to cyber attack will be exercised within the Defence<br />
Exercise Plan, managed by Joint Forces Command. Appropriate scenarios<br />
and practises for each level of command will differ and may change rapidly<br />
in line with the threat. <strong>Cyber</strong> response activity will need to be undertaken<br />
at all levels of training (individual, collective and joint). There will also be<br />
education as well as training aspects to this requirement. <strong>Cyber</strong>-related<br />
scenarios and injects are already being incorporated into joint exercises such<br />
as the UK’s Exercises JOINT HORIZON and JOINT VENTURE as well as those of<br />
74<br />
<strong>Cyber</strong> <strong>Primer</strong> (2nd Edition)