
Risk - And Reward

Date: 03-2015









The message is clear: organisations must adopt a more agile risk-based approach to cyber security, if they are to address new challenges at short notice

With cyber attacks set to increase in frequency and complexity throughout 2015, organisations must adopt more sophisticated risk assessment and mitigation tools to counter the mounting risks to the security of their data, APM Group has warned.

Gartner, in its list of top 10 strategically important technology trends for organisations in 2015, has identified a need for businesses to adopt a risk-based approach to security and self-protection in the coming year. According to the analyst house, businesses should recognise that it is not possible to provide a 100% secured environment, calling for a more dynamic and self-aware approach.

RED ALERT
Echoing these sentiments, Andy Taylor, CLAS (CESG Listed Advisory Scheme) consultant & lead assessor, APMG, states: "Organisations will have to be on red alert as cyber threats become ever more advanced and the frequency of these threats increases. Blackmail, denial of service and similar attacks based on cryptoware will doubtlessly increase in frequency and complexity, with financial targets as a primary focal point.

"At the same time, we will likely see more state-sponsored and terrorist-driven activity, with perhaps industrial control systems being the main target. The linkage between main computer systems and the Internet of Things means that this threat must be addressed much more effectively than it has up to now. Despite some notable victories in 2014, law enforcement agents are not likely to win in the longer term without the support and education of businesses and individuals alike."

Cyber security is no longer just a scaremongering buzzword, he adds - there is a great deal of industry support and guidance out there for individuals and organisations. "The CESG Certified IA Professional scheme (CCP) enables organisations to identify the necessary skillsets and the competent individuals who hold them; whilst the latest addition to the cyber resilience training armoury - the CESG Certified Training scheme (CCT) - provides reassurance and evidence that cyber security technical training has been assessed against stringent CESG criteria and meets their rigorous standards."

BATTLE CAN BE WON
Martin Huddleston, principal cyber solutions architect of Ministry of Defence trading fund, the Defence Science and Technology Laboratory (Dstl), adds: "The way in which companies address these threats will need to evolve - and quickly. Assessing their capabilities and competencies in all respects is a much more effective way of dealing with the new style of threat and this can be done on an almost routine basis using capability assessment tools - like the Cyber Defence Capability Assessment Tool (CDCAT) developed by Dstl on behalf of the MOD. The battle against the criminals looking for instant/quick wins can be won by competent organisations, which utilise appropriate tools and appoint the right person to be their first line of defence.

"We are seeing competent organisations reacting in a much more nimble manner to counter the mounting cyber threats and would advise others to follow suit. But rather than trying to stop everything at the boundary of the organisation - which could ultimately render an organisation unworkable - security officers should be monitoring their internal workings more proactively and reacting to attacks in a much more dynamic manner in 2015."

HUMAN ELEMENT
Meanwhile, as the UK and US announce increased cooperation on cyber security - particularly around the banking sector - a Coventry University expert has warned that financial firms need to focus more on the human element of cyber security, rather than just the technical safeguards.

Professor Richard Benham, who co-founded the recently-launched National MBA in Cyber Security with Coventry University Business School, warns that hackers are increasingly exploiting companies' employees who - if not trained to be aware of threats - often represent the weakest link in an organisation. His comments come as Prime Minister David Cameron and President Barack Obama reveal that a series of 'war games' will be staged between the UK and US to test each other's resilience to cyber attacks.


