RiskXtraSeptember2018

More documents

Recommendations

Info

x RISKXtra CTI: Keeping UK Citizens Safe in 2018 operational challenge facing their organisation. How, then, can Government organisations embrace digital transformation while also ensuring that their systems – and, critically, citizens’ data – is kept safe? You know you’re facing an area of grave concern when experts at the World Economic Forum signpost ‘cyber attack’ as one of the Top Three most probable global risks of 2018. The threat of such an attack has been put up there with extreme weather events and natural disasters as one of the events most likely to cause problems on a worldwide scale this year and into the future. Paul McEvatt addresses the issue For the public sector, the threat is even more acute. Cyber security has stormed its way on to the political agenda of late as allegations of election tampering, breaches of Government agencies and departments and industrial sabotage have dominated the news headlines. Malignant actors have targeted Government and political organisations with forms of sabotage since Government has existed, of course, but the difference now is that hacking into a Government body by digital means can be done remotely by an unidentified actor and can happen remarkably quickly. Government bodies often hold a variety of sensitive information – whether that’s medical data, criminal records or confidential Civil Service plans – that can be used by others for financial or other forms of gain. For a malignant hacker, the possibilities here are endless and mouth-watering in equal measure. The UK’s public sector is fast embracing digital technology. When conducting our own research, we found that 76.7% of public sector organisations said that they were undergoing digital transformation – the highest percentage of any sector we surveyed. This is largely a positive thing, with a view towards making sure Government works more efficiently and delivers better services. However, the adoption of digital can sometimes create more angles of attack for hackers. In fact, almost half of all civil servants state that cyber security is the biggest Going back to fundamentals With the public sector fast adopting new ways of doing things in the sphere of IT, it’s important to maintain some of the fundamentals of security. In 2017, the headlinegrabbing Petya and WannaCry ransomware outbreaks exploited a vulnerability to software propagation that was known months before the attack. What could have prevented the vulnerability? Patching. It’s easy to repeat the mantra “Thou shalt patch whenever necessary” from afar, but business reality dictates that this is sometimes not the right move depending on the context. For example, you might choose not to patch a critical vulnerability in a financial system if it’s the day before the end of the financial year for fear of breaking that system. One of the ways in which public sector organisations can mitigate risk is through Cyber Threat Intelligence (CTI). This can function as an early warning mechanism, guiding security professionals on which vulnerabilities are most open to exploitation and should, therefore, be a patching priority. CTI is often simply referred to as a threat feed. However, faced with the kind of ‘savvy’ and aggressive attackers that have the audacity to go after public sector organisations, the system shouldn’t just express the severity of the vulnerability as a technical risk. Given the vital work that public sector organisations transact, it should also communicate this risk in financial, business and, indeed, human terms. At its core, effective CTI provides strategic direction that cuts through the complexity of patch management, subsequently indicating where attention is most needed. For example, a threat advisory that addresses a vulnerability early on can protect an organisation months before hackers begin developing a ransomware variant to take advantage of that vulnerability. Automating the guard dogs The public sector is increasingly embracing the power of data. Collecting and analysing large volumes of data about how we live, how our businesses operate and even how the public sector itself runs can be beneficial on several 60
Cyber Security in the Public Sector levels. However, with data increasingly shared across departments and regional authorities, this growth in data volumes is also providing more angles of attack for hackers. Those charged with protecting Government, therefore, face a double quandary – more territory to guard and a more sophisticated foe to defend against. Monitoring these security perimeters is too large a task for traditional technologies that use a manual approach. Fortunately, there’s an array of automated monitoring services now available, as well as advanced analytics tools. Public sector security professionals can combine these tools with their own capacities for creative and lateral thinking in order to develop an advanced security monitoring ecosystem. With Artificial Intelligence (AI) coming into its own, this blended approach will offer a path forward for security monitoring. As AI technologies such as machine learning enable teams to automate the more prosaic elements of security monitoring, this will free-up valuable time for analysts to apply their brainpower to the most high-value problems. Moreover, these technologies can augment humans’ own analytical capabilities, providing them with a superior overview of the threat landscape as incidents can be automatically enriched. Rapid response It’s becoming increasingly apparent to all organisations that a cyber attack occurring is simply a matter of time. This sense of inevitability has renewed attentions on how to respond to that eventuality, rather than simply focusing on matters related to prevention. Damage limitation is vital for public sector organisations, which can rapidly come under political pressure and heavy media scrutiny in the event of a breach. The latter is especially relevant in a post-EU General Data Protection Regulation world wherein a notifiable breach now has to be reported to the Information Commissioner’s Office within 72 hours. The first step towards developing a rapid response approach to addressing threats is quantifying the speed with which you currently do so. Mean Time To Respond (MTTR) is a key metric for this. Alarmingly, a FireEye study looking at EMEIA organisations found that the average Mean Time To Dwell (MTTD) – ie the time between compromise and detection – was 489 days. This is plenty of time for malignant actors to do significant damage (and shows the importance of optimising for this metric). Public sector cyber security must be about more than just throwing technology at the problem. The Number One way of “According to our own recent research at Fujitsu, only 51% of public sector organisations are confident that their employees have the right skills to take advantage of today’s new technology” compromising an organisation’s security, even today, is still a phishing e-mail with a malware exploit sent directly to an employee. Cyber attackers have a keen understanding of human error and the kind of mistakes ordinary people can make when confronted with an officiallooking e-mail. Upskilling system end users According to our own recent research at Fujitsu, only 51% of public sector organisations are confident that their employees have the right skills to take advantage of today’s new technology. It’s reasonable to assume, then, that these same people will also not have the correct knowledge to ensure that they’re using these new technologies in a secure fashion. In fact, upskilling users is one of the most cost-effective ways of reducing the probability of a human error that leads to a cyber attack. For budget-conscious public sector organisations, it’s a good way to bolster the first line of defence. The one-off generic quarter-day on IT isn’t enough – training needs to be adapted to how employees are using their technology and the kind of tools they employ on a regular basis, as well as their seniority. Confident public sector The public sector touches almost every facet of life in the UK, from business to education and on to health. It has an admirable ambition of using digital technology to transform how Government functions in this country: a goal which would deliver all kinds of gains to citizens and civil servants alike. It’s absolutely vital public sector organisations know that they can embrace the future safely without exposing themselves to malignant actors in cyber space. A two-pronged approach can help them tackle the risk. By ensuring that their employees understand the risks and use digital tools in a secure way, public sector organisations will be able to make certain that they have a strong first line of defence in place. Investing in the latest and best security technology and controls, whether that’s CTI, machine learning-fuelled monitoring or implementing MTTR as a key metric, they can put themselves on the front foot for proactively identifying and managing threats instead of simply waiting for breaches to happen. Paul McEvatt: Senior Manager (EMEIA) for Threat and Strategy at Fujitsu 61 www.riskxtra.com>
Page 1 and 2:
x www.riskxtra.com RISKXtra Securit
Page 3 and 4:
x RISKXtra September 2018 Contents
Page 5 and 6:
x RISKXtra Editorial Good for Busin
Page 7 and 8:
News Update City of London Police a
Page 9 and 10: News Analysis: Apprenticeships in t
Page 11 and 12: x RISKXtra News Special: Global MSC
Page 13 and 14: Opinion: The Modernisation of CCTV
Page 15 and 16: Opinion: Mind Your Own Business to
Page 17 and 18: x RISKXtra BSIA Briefing Many reade
Page 19 and 20: x RISKXtra Advertisement Feature Mi
Page 21 and 22: Data Protection Considerations for
Page 23 and 24: x RISKXtra Building Management: Acc
Page 26 and 27: x RISKXtra Advertisement Feature: H
Page 28 and 29: 2018 OLYMPIA LONDON, 28 - 29 NOVEMB
Page 30 and 31: FIRE SAFETY What you need to know a
Page 32 and 33: FIRE SAFETY “All pre-learning mat
Page 34 and 35: FIRE SAFETY Hochiki launches FIREsc
Page 36: FIRE SAFETY Pulse Alert VADs lower
Page 39 and 40: FIRE SAFETY Kentec introduces four-
Page 41 and 42: FIRE SAFETY Ensuring Fire System Ef
Page 43 and 44: x RISKXtra Emergencies and Life Saf
Page 45 and 46: We go to greater lengths. Axis Secu
Page 48 and 49: x RISKXtra The Race to the Bottom i
Page 50 and 51: x RISKXtra Meet The Security Compan
Page 52 and 53: x RISKXtra ‘What makes the modern
Page 54 and 55: x RISKXtra Selling Security Without
Page 56 and 57: x RISKXtra Despite the ongoing best
Page 58 and 59: x RISKXtra Selecting Workforce Mana
Page 62 and 63: x RISKXtra Routes to Learning: Staf
Page 64 and 65: x RISKXtra Risk in Action Dahua’s
Page 66 and 67: BENCHMARK Smart Solutions BENCHMARK
Page 68 and 69: x RISKXtra Appointments Martin Harv
Page 70 and 71: ACCESS CONTROL CCTV CCTV INTEGRATED
Page 72 and 73: GATE AUTOMATION & ACCESSORIES WHOLE
Page 74 and 75: INTRUSION DETECTION AND PERIMETER P
Page 76: NOTHING MISSED Independent left and
show all

RiskXtraSeptember2018

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?