Business continuity should be considered when preparing against attack

Companies have a responsibility to ensure that their systems are not compromised or solicited in denial-of-service attacks.

Steve Cummings, former director of the UK Centre for the Protection of the National Infrastructure and now a special adviser to Deloitte's enterprise risk services division, claimed that the Twitter attack last week is a ‘striking example of how commercial organisations can become the indirect target of geopolitical threats'.

Cummings said: “Companies have a responsibility to ensure that their systems are not compromised or solicited in denial-of-service attacks. Apart from the wider impact, their own IT capability will be diminished and they will have lost control of their systems, clearly demonstrating a glaring hole in their data security strategy, something that we now all need to be concerned about.

“There are already security measures in place that limit the possibility of distributed denial-of-service attacks: intelligence and information sharing in real-time (or near real-time) between corporations, internet monitoring services, government and national infrastructure bodies are among these.”

He claimed that the fact that this attack took place shows just how serious the threat is and how much more needs to be done.

“These attacks present a major challenge to blog hosting organisations and social networking sites like Twitter and Facebook that need to be able to deliver a service that respects civil liberties and freedom of speech, but without becoming the target of a cyber attack,” said Cummings.

“These organisations have to know who they are providing a service to, as well as what contributors are writing about, in order to anticipate attacks and take protective measures. Only once organisations understand the nature of the threat will they be able to respond effectively in managing the risks from such attacks.”

Sign up to our newsletters