Cyber Security and the CIO Challenge

Cyber security is the double-edged sword of modern business. Because the Internet is an evolving technology that carries enormous potential and vulnerability, cyber security embraces questions of internet freedom, network architecture and the economic potential of cyberspace.

Large global multinationals, small local businesses and startups alike use online infrastructure to facilitate economic and technological innovation. With this growth comes increased risk as well as opportunity. Advanced, persistent threats reflect the risks posed by adversaries with the sophistication, resources and determination to cause real and permanent damage by exploiting the architecture of networks, and of cyberspace itself.

The 2012 Cyber Crime and Security Survey: Systems of National Interest, published by the Australian Government, discloses some of the cyber security measures that key infrastructure sectors have in place. Of the 255 organisations surveyed in Australia's banking and finance, communications, energy, resources, transport and water sectors, 90 percent reported they have firewalls and security software in place. However, 20 percent of the same respondents described some form of "cyber incident" that occurred in 2012. Logic would dictate that there is a gap, and cyber-attacks are occurring more frequently than desired.

It’s no surprise 16 percent of respondents identified being exposed to ‘denial-of-service attacks’ (DoS). These attacks are fundamentally different to other virus, malware or identity attacks. The apparent legitimacy of a DoS attack is achieved by using authorised ports – hence firewalls and the other security software listed above are ineffective against them.

No one can argue that the cyber security of an enterprise is the domain of anyone but the CIO. Processes, practices and decisions all largely fall to the one person.

The stakes are high for CIOs as more and more reliance is placed on them by employees, partners and consumers to protect them from the reality of the cyber domain. The report identifies that 19 percent of respondents believe the key motive for cyber crime is financial gain, so the stakes rise higher quickly.

The report findings state the top two suspected motives as being non-targeted unsolicited malicious damage (17 percent), followed by indiscriminate attack (almost 16 percent). So often when looking for the culprit of a random attack, a DoS attack is held responsible. These types of attacks can render enterprises' online services totally unavailable, sometimes for long periods of time. If an attack is launched, it has the ability to affect not only the customer-facing avenues of an organisation, but also any online services that an enterprise relies on internally, such as online portals or other integral services.

Based on the report’s findings and the discussion surrounding DoS attacks, below is a brief outline of how to combat this form of cyber warfare:

1. Assemble a crisis team
Unavailability of services for customers can not only spark outside concern, but also inter-organisational problems if DNS services are targeted. As soon as disruptions are noticed, a crisis team should be assembled by the security department. The aim of the crisis team should be to gather information on the origin, nature and targets of the attack(s).

2. Assess and determine plan of attack
The team needs to completely identify the attack and evaluate how to stop it. There are two avenues which can be tried:
- Engage the Internet service providers (ISPs) to block traffic that could be linked to the suspected threat.
- Strengthen local defences by enhancing and editing configurations of firewalls and server detail.

3. Apply blocking mechanisms
Once the attack has been identified, the team should contact operators and request that origin tracing commence, and apply any available blocking mechanisms. This should help prevent future attacks from the same instigator.

The key thing to keep in mind when assessing the Government’s reports is that these are the trends and insights from our very own organisations. What is reflected is going to affect each and every one of us in some way, so it’s important to be informed, prepared, and ready to act.


Stories by Gordon Makryllos
