All must share security burden
Updated: 2013-01-09 13:51
Internet | Art Coviello
Strong cyber security cannot be achieved by any of us in isolation: It's a group condition, a group responsibility.
They need to learn what their business partners - and the partners of their business partners - are doing to protect this interconnected community's digital assets.
These three points are often true about cyber attacks: an enemy prefers to target a group's weakest members, the best places to strike are connection points, and a group is only as strong as its weakest link.
These points have been noticeable as companies and government organizations across the world face increasingly frequent cyber attacks.
We've heard about some of them, but most go unreported. Because the attacks are often executed with stealth, organizations whose security has been breached often aren't aware of it. Also, many organizations won't admit that they have been attacked.
Besieged organizations also may not realize that even the most up-to-date anti-virus programs, firewalls and other prevention technologies amount to nothing in the face of advanced cyber security attacks. Attackers can still get in.
To truly make their information more secure, organizations that have suffered cyber attacks should talk to other organizations - not just providers of information security products and services, but also close business partners and competitors. They'll often find that those they speak to have encountered attacks in which similar, or even identical, techniques were employed.
Through such exchanges, organizations can assemble more pieces of the puzzle and gain a deeper understanding of how such attacks are carried out. They may also come to be more aware of who their attackers are and what they're ultimately after. The ultimate hope is they will be able to change the outcomes of future attacks.