Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd

Posts Tagged :

Wannacry

Cooperate

Ex-CIA official: Global cyber security cooperation ‘critical’

The CIA’s former Chief Technology Officer Gus Hunt has called for more international engagement on the issue of cyber-security, even between countries who are not traditionally seen as allies.

Speaking to the Straights Times on a visit to Singapore, Hunt – who now heads up a cyber division at Accenture Federal Services – pinpointed the inter-connectivity being fostered by initiatives such as the Internet of Things (IoT) as one of the catalysts for the growing number of high-profile malware attacks.

“[The growing use of smart and connected devices is the] single biggest issue facing cyber security”, said Hunt. “That means there could be a hundred times more ways by which hackers could get at you, and we really have to begin to focus very clearly as nations and businesses about how to secure these things.”

To combat this threat, Hunt said that cooperation between countries would be ‘critically important’, in part referencing President Trump’s recent, poorly received, suggestion that the US and Russia should foster closer ties when it comes to cyber security.

“We need to develop international partnerships around cyber security as all of us are affected by it,” said Hunt. “The worst thing that can happen is that we lose all confidence in our ability to do commerce electronically. Imagine how destructive that would be to national economies.”

Hunt also suggested that there was a need to extend tenets of the Geneva Convention, such as the agreement not to attack hospitals with conventional weapons, to include cyber attacks too, given the recent impact of malware such as WannaCry on organisations such as the NHS in the UK.

Security

GUEST BLOG: The WannaCry fallout – It’s not just hospitals looking for extra protection

By Claire Stead, Online Safety Expert at Smoothwall

It is without doubt that the international uproar and magnitude of the WannaCry cyber-attack on the NHS has left many organisations on edge. Unfortunately, this is the digital world organisations now live in, with cyber-crime now accounting for 50% of all UK crime. Not only that, but ransomware attacks have risen by 600% from 2015 to 2016, highlighting how much more serious ransomware and other cyber-attacks are becoming.

It seems that the NHS’s cyber-attack has been a wake-up call for organisations, as we at Smoothwall have seen a notable increase in the number of inbound requests from organisations not in healthcare, but in business and education looking to shore up their security offerings. What’s clear, is that this has been a wake-up call for each and every industry sector, whose fingers have just got that little bit closer to the panic button.

All organisations, no matter how large or small, public or private sector, need to realise that they have a target on their backs and make cyber security a top priority. They need to have both the cyber security tools and processes in place, as well as an on board workforce to ensure their cyber security is as tight as possible.

All members of an organisation need to be educated to understand the importance and risks around cyber security, and the appropriate processes to follow to keep hackers out, and data safe and secure. This goes throughout the organisation from the c-suite to the rest of the workforce. It is common knowledge that human error accounts for the majority of cyber security incidents with many businesses not investing in the training of their staff to ensure they can detect against malicious email, web pages or links. Organisations need to instil a cyber security mantra within its employees, so that they do not become the weak link in the cyber security chain.

Our approach is simple and is summed up using our 4Ps:

Perception – the security mindset must now be shifted to a ‘security first’ policy. Businesses, schools and hospitals now have to put security at the forefront of all their policies as the risk of an attack grows year by year.

Policy – whether in a school or a business, pupils/staff need educating about the risks of their actions and know the security measures in place to mitigate those risks. This could be anything as simple as regularly updating complicated passwords to recognising ‘phishing’ emails.

Protection – a layered security programme, creating a brick wall of security that can verify the organisation is constantly protected.

Proactivity – it’s no good to have a security programme installed and to never think on it again. The landscape is developing at an incredible rate, and as a result, schools need to ensure that they are keeping up to date with the latest updates and improvements to ensure that they are protected as best they can be.

No cyber security programme is ever going to be 100% secure, but with the right measures and tools in place, with a fully compliant team on board, it will give organisations that much more of a fighting chance against the threats of cyber criminals.