Tag Archives: security

What Are You Missing in Threat Intelligence for Business Continuity?

DRI ANZ

There’s no doubt that threat intelligence is a hot topic today. The debate goes on about how best to collect and analyse information to identify existing and emergent threats. Attacker techniques and capabilities are scrutinised to draw up plans for defence. Software applications allow organisations to draw up ‘attack trees’ to methodically describe the security of their systems. These methodical approaches have merit because they encourage organisations to think through different scenarios and reinforce their business continuity management appropriately. However, threat intelligence also needs to go further. It needs thinking that is ‘outside the box’ (or outside the system).

Part of the challenge in effective threat intelligence is its narrow definition. The term ‘threat intelligence’ in business commonly refers to attacks on information assets (data, systems, IT and networking infrastructure). ‘Business threat intelligence’ and ‘strategic threat intelligence’ also refer back to the IT-oriented view of the world. With IT now such an important part of professional life, it is natural that it should be a focus of threat intelligence. But limiting the discussion to IT-based techniques designed to uncover IT-centric threats would be dangerous for at least two reasons.

Firstly, attacks on information assets are not always IT or even technology-based. Social engineering and simple theft of mobile computing devices have proved that point. Threat intelligence therefore needs to cover a wider span of possibilities (including someone trying to set fire to your data centre for instance). Secondly, threats in general to an enterprise or an organisation go beyond incidents in IT servers. The SWOT (strengths, weaknesses, opportunities, threats) acronym for instance is used in business planning. It takes into account financial, market, regulatory and competitive threats, among others. All of these are important for business continuity too. So while you gather your (IT) threat intelligence, remember to look at threats beyond IT to keep your business continuity effective for the rest of the organisation as well.

Business Continuity Depends on a Culture of Security Too

DRI ANZ

While protecting your organisation against disasters and blunders is a necessary step, it’s not sufficient for solid business continuity. Security breaches are a threat to all businesses and public agencies. With information fast becoming one of the most valuable assets an organisation can have, the natural consequence is that it also needs to be protected against theft or sabotage. But where should an enterprise start? The fact is that while technologies can be complex and security measures for those technologies doubly so, much of the protection required concerns the attitude and behaviour of employees. So while you’re evaluating the latest in anti-virus software and Internet firewalls, remember the following key points as well.

  1. Have a clear information security definition and policy. Make sure it includes relevant details on what is to be considered as confidential information and how to work with and safeguard that confidentiality, as well as suitable information retention and destruction rules. That also means versions for paper-based and electronic information, with shredders, locked disposal containers, computer hard disk wiping and any other necessary items.
  2. Tell staff that information security is essential. People don’t always work this out for themselves. Use regular training and awareness campaigns to make the information security policy a practical reality.
  3. Make sure that management sets the example in how to handle confidential information properly. Top management must be the role model for this. Weakness at higher levels will make it doubly difficult to reinforce information security at lower levels.

Audit your information security on a periodic basis. Check awareness levels in staff, verify that the right solutions are in place and operational, and check for possible gaps or holes. And remember to think like an attacker, as well as like a conscientious business continuity or security manager. After all, as the saying goes, ‘it takes a thief to catch a thief’!

And the Winner for Overall IT Security is… Linux?

DRI ANZ

Windows and Mac OS, watch out. A UK government agency tested different IT platforms to see which would be the most secure, and found that Linux (Ubuntu 12.04 in particular) was significantly better than Windows 8 and Mac OS X. The tests were run to evaluate performance in areas such as disk encryption, secure start-up, malicious code prevention and detection, virtual private networking and platform integrity under multi-tasking. The agency (CESG, Communications-Electronics Security Group) also identified a Samsung platform based on Android as a leader in mobile device security. Will the business world now flip over to Linux and Android as a consequence?

Such a radical change (Windows still has by far the largest share of the PC operating system market) is unlikely in the near future. However, with IT security closely linked to both business continuity and disaster recovery, findings like these certainly encourage enterprises to take a closer look. Aha, you say – isn’t the security track record of Windows linked to its dominance of the market, and the fact that there are so many opportunities to attack it? And won’t Linux also become a victim of its own success in this sense, if it achieves mainstream business popularity?

While exposure to attack is a factor, Linux may be better off for a couple of reasons. Firstly, the tests by the CESG were technical and evaluated systems on an absolute basis of how secure they were – not how many people might be trying to hack them. Secondly, Linux benefits from numerous communities of users that actively produce solutions to security holes and vulnerabilities. This is in contrast to Windows, for which only Microsoft can produce patches, and similarly Mac OS, tended to by Apple alone. On the other hand, Linux will need to claim a bigger place in the hearts of both business users and business software developers if it is to truly conquer the business world.