This page contains a Flash digital edition of a book.
Resilient Cyber Response Building a


When it comes to cyber attacks, a carefully formulated response may be just as critical as efforts to prevent them. The Information Security Forum’s Michael de Crespigny says resilience is the key when defenses fail


C


yberspace offers enormous opportunities and benefi ts through increased innovation, collaboration,


productivity, competitiveness and engagement. But hardly a day goes by without news of a new cyber threat, or actual data breach, arising from ‘malspace’ – an online environment inhabited by hacker groups, criminal organizations, espionage units, and terrorist groups. The big question for governments, enterprises and individuals alike is how can this growing cyber threat be countered without losing the huge benefi ts of internet-based trade, commerce and communication?


When you consider that some 80% of growth in business-to-consumer markets is coming from internet-based channels, and nearly all business-to-business transactions are done electronically, it’s clear that cybersecurity ought to be top of most chief executives’ agendas. Of course, it’s not just commerce that is shifting to the internet: increasing volumes of government business, national infrastructure management,


24


and everyday social interaction are being conducted online.


Cyberspace is constantly evolving and presenting new opportunities, as the desire of businesses to quickly adopt new technologies – using the internet to open new channels and adopting cloud services, for instance – provides enormous opportunity, but also brings unforeseen risks and unintended consequences that can have a potentially negative impact. There is often pressure from within organizations to adopt social networking channels like Twitter and Facebook for communications with customers and other stakeholders. But opening up these channels is a double-edged sword that can expose an organization to increased risk – particularly of permanently damaged reputation – when something goes wrong.


With cyberspace so critical to everything from supply chain management to customer engagement, holding back adoption or disconnecting from cyberspace altogether are simply not feasible. Yet the commercial,


reputational and fi nancial risks that go with a cyberspace presence are real and growing.


An Attractive New Hunting Ground


Cyberspace is an increasingly attractive hunting ground for criminals, activists and terrorists who are motivated to make money, get noticed, cause disruption or even bring down corporations and governments through online attacks.


Part of the attraction of online crime is its anonymity: the risk of getting caught in the act of committing a cybercrime is much less than that of a ‘real-world’ crime. It is relatively simple to hide where and by whom the crime is being committed. On top of this, there is the challenge of differing laws and regulations across jurisdictions, which makes prosecuting cybercrime a thorny issue.


In addition, cycle times are shortening and the potential rewards are growing for successful attackers. Cybercriminals worldwide are increasingly organized


May/June 2012


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52