Consumer confidence in cyber security has clearly eroded over the past couple of years, and there is an urgent need for organisations of all industries, whether public or private, to reassure consumers they are capable of safeguarding networks.
Recent headlines have increasingly been dominated by cyber attacks on public sector organisations – especially worrying given that the consequences of government organisation cyber security breaches do not merely result in loss of sensitive information or financial repercussions. With cyber criminals deploying ever more sophisticated tools, an attack of this nature can also cause damage to physical assets and in certain scenarios, the loss of life.
This all came to a head in January this year, with MPs on the Defence Select Committee producing a report stating that the UK's armed forces are now so dependent on IT that they could be ‘fatally compromised' by cyber attacks. Indeed, the threat may be particularly high for the UK's armed forces, which is becoming an increasingly popular target for both independent cyber criminals and those controlled by other governments as its dependence on IT increases.
Furthermore, in December of last year, cabinet minister Francis Maude warned that Britain's national power and water infrastructure is increasingly a target of foreign cyber attacks, so it's no surprise that calls for urgent government action to improve cyber security are growing. LogRhythm research has shown that two-thirds of the UK public now back pre-emptive cyber strikes on enemy states, while 45 per cent believe that the UK government needs to step up its protection of national assets and information against cyber security threats.
However, a knee-jerk reaction of pre-emptively attacking the networks of potential perpetrators could incite disturbing consequences, such as escalation of even more sophisticated attacks on the UK's critical infrastructure. Rather than attacking ‘enemy' networks, the scale and nature of today's cyber threat calls for proactive, continuous monitoring of IT networks to ensure that even the smallest intrusion or anomaly can be detected before it becomes a bigger problem for all – after all, you can only defend against that which you can see.
It is therefore unfortunate that most government-led cyber security policies focus on catching and punishing criminals as opposed preventing computer crime. The other serious issue when it comes to cyber attacks on government organisations is that even once the breach has been remediated, there often remains an enormous amount of uncertainty surrounding the origins of the attack.
Without confirmation of the source of attacks, inaccurate finger pointing often occurs – and when this happens between nation states, diplomatic tensions can arise.
This means that further forensic analysis of the breach is often required, which traditional point security solutions, such as anti-virus or firewall tools, just don't provide. With IT security data volumes increasing at unprecedented rates, many organisations are neglecting the fact that Big Data analytics can offer invaluable intelligence, and will actually help them improve their IT security and overall network efficiency.
A cyber security strategy focusing on the continuous monitoring of IT networks provides the network visibility and intelligent insight needed for deep forensic analysis of growing amounts of data. Only with this deep level of network visibility can cyber attacks be effectively mitigated and accurately attributed, giving the public more faith in the government's cyber security policies.
Public opinion also plays a significant role in data breach disclosure strategies – in his December address, Maude further urged organisations to declare publicly when they have suffered a serious cyber attack, as too many fear the loss of competitiveness. Interestingly, the LogRhythm research revealed that 80 per cent of the UK public implicitly do not trust organisations to keep their data safe; with nearly half (41 per cent) feeling that it has become inevitable their data will be compromised by hackers.
However, the research also shows that since 2011, the same percentage of respondents had concerns over the ability of organisations to safeguard their data – perhaps showing that the nation has already reached a plateau of distrust. This growing frustration over inadequate cyber security measures isn't helped by an over-reliance on perimeter defences despite the fact that they have repeatedly proven inadequate in securing IT systems. Instead, only by baselining normal, day-to-day activity across all dimensions of IT infrastructures can organisations proactively secure both data and infrastructure – and hopefully, rebuild public trust.
Ross Brewer, vice president and managing director of international markets, LogRhythm