Sponsored section
Ilias Chantzos,
Director Government Relations, EMEA and APJ, Symantec |
 |
|
Orchestrating a “defence in depth” approach delivers multiple, agile layers of protection in order to detect, stop and ultimately prevent cyber attacks. It is essential to have a proactive approach on threats in order to anticipate, counter, and attribute them. We also understand that security cannot be limited to the boundaries of a perimeter or of a country – networks know no borders.
Clearly cyberdefence goes beyond deploying firewalls, antivirus software and intrusion detection. But what else can be done to ensure vital intelligence is delivered and protected, thus giving a decisive advantage against adversaries?
NATO is describing cyber threats as an area that requires consideration by strategists and policy makers. European policy needs to further develop so as to adopt a security posture that links the work done in defence with the protection of the civilian critical infrastructure.
When talking about cyberdefence we refer to defence against activity that originates primarily from hostile actors who have political or quasipolitical intentions that can impact national security. The attack can target critical infrastructure such as communication centres, energy grids, water distribution systems or military command posts. We have seen large, well-known ‘denial of service’ attacks on government systems, such as Estonia, Lithuania and Georgia, using sophisticated botnet networks remotely managed through command and control centres. It is distressing to know that these well-organised botnets, distributed around the globe, are available for hire with little ability to know the originator and intermediaries involved.
Targeted and tailored attacks, while different in their characteristics, often have the same objective: to render their prey vulnerable while either extracting confidential information or crippling services altogether. Again, Ghostnet and Google are recent examples of stealing confidential information. We feel that information is the prize at the heart of all attacks, perhaps for financial gain as we have seen in our Underground Economy report1 or to collect data for modern information-centric warfare strategies. No matter what the circumstance, access to or denial of access to information has become the aggressor’s objective.
If we look at historical examples of intelligence in warfare we can refer to WW2, where the breaking of the Imperial Japanese Navy codes led to the removal of Admiral Yamamoto, and yet it was the failure to deliver this intelligence in a timely manner that allowed the surprise attack on Pearl Harbour. Therefore, safeguarding information and making it available becomes a critical component of any national security strategy because, either accidentally or due to a malicious outsider or insider, a major security incident can affect a country’s strategic assets.
A cyberattack would usually follow four stages: Incursion, Discovery, Capture, and Exfiltration. Solutions to shield information for defence and intelligence purposes are available; the key to success is continued co-ordination among governments and involvement from industry experts, through public private partnership, information exchange and co-ordination. Cyberdefense should become more of a European priority, and as information is an exceptional resource it is what needs to be defended the most.
 |
|
What the Chiefs Say is a public affairs platform designed for senior executives from leading organisations to voice their expectations and concerns.
In this issue, business and industry leaders present to Europe’s policymakers their policies and priorities.
|
All contributions in this section:
|
|