Over the past six months, cyber-attacks against financial
organizations, government sites and critical infrastructure have
escalated. In early spring, financial
institutes such as Wells Fargo, Bank of America and JP Morgan Chase has been
hit hard by cyber-attacks costing the organizations millions of dollars. Last month, Homeland Security officials
issued a warning from ICS-CERT to warn U.S. companies about attacks on critical
infrastructure about chemical and energy companies to take added measures to
protect their systems.
Cybersecurity is now our responsibility because these attacks
not only pose severe consequences to our government but it also impacts a lot
of our private organizations that own our electric and cellular networks. Under new regulations, the chairman of the
Joint Chiefs is making changes to the U.S. military’s standing rules of
engagement that dictate when, how and with what tools America will use to
respond to an attack.
The building blocks for a robust cybersecurity strategy is to
trust no one, inspect and log all traffic, and ensure secure access to
all-important assets in the data center.
Compartmentalization or network segmentation is the key component of
Zero Trust and is important to limit the exposure of attacks. Internal employees tend to be the weakest
link when it comes to targeted attacks but now that has been expanded to the
ecosystem of partners, contractors and supply chains.
The reality is that there’s a need for a more robust
cybersecurity strategy that requires a comprehensive approach to malware that’s
similar to the attacker’s lifecycle approach of infecting a network. This means that identifying all traffic that
malware tends to hide and managing the unknown in addition to the virtual
sandbox analysis. The last piece of
monitoring that’s needed is a reporting and logging system that can provide
visibility into the network and enable proactive actions if something suspicious
is found.
No comments:
Post a Comment