Critical national infrastructure is one of those phrases that gets used a great deal, but is not often defined very well. When you look for definitions, you often find they differ greatly, or are rather general. Many governments include them on their websites.
There are a number of assets that are critical to the functioning of our society, like energy, water, health, transport and financial services. In fact, when you start listing them, you start to wonder what isn’t critical national infrastructure rather than what it actually is.
It would be interesting to ask some of the twenty year-olds who are part of the Occupy Movement about what in their view is critical to the functioning of society - is it the same as the government’s definition?
One of the links between differing elements of critical national infrastructure is that they each rely on networks to make them work. So the cyber threat to national infrastructure is a threat that comes across networks, through systems which people use on those networks.
The purpose of such attacks is not always very clear. Sometimes it might be a denial of service attempt or the theft of data, but not all have a malicious purpose. Some are actually intended to expose vulnerabilities in order for those vulnerabilities to be closed (think First State Super). Other attacks come from individuals who simply want to make a name for themselves, they create mischief for mischief’s sake. And, of course, there are organised groups who are financially driven, as well as nation-states who may be inclined towards these practices to steal sensitive or strategic information.
I think the main groups that actually threaten us are those engaging in espionage and criminal behaviour.
When responding to an attack impacting critical infrastructure, it is important to have a regime of compulsory, yet confidential reporting of IT incidents so that the organisation under attack is informed in time and can take action in time. In late August 2011, it became known that DigiNotar, a certification authority established in the Netherlands had been hacked. DigiNotar issues certificates for government and other parties, its delayed response resulted in around 530 fake certificates being lost.
There are several challenges in policy making, including curly issues of data protection and cross border sharing of information. The numbers of challenges probably won’t increase, but in time, the complexity will.
Many of these challenges can be solved by working in a public/private coalition which defines the common interest clearly, for many organisations this will simply be business continuity. Today’s interconnected economy is not just about an organisation’s strength and resilience, it’s about the entire supply chain and the ecosystem in which it operates. This is what true national critical infrastructure protection should be about.
It’s not hard to understand why bot management is critical to maintaining business availability and customer satisfaction – but do you know how to properly deal with bots?
Increasing use of encryption has created new challenges for enterprise security managers. Ever more-sophisticated encryption such as Perfect Forward Secrecy (PFS) protects data and may even boost your Google ranking – but it also provides a haven for malicious code that may use encryption to bypass enterprise security controls.
Why nation-state attacks are everyone’s problem
With so much change all the time, how can executives best prepare their businesses to meet the security challenges of the coming years? CSO Australia, in conjunction with Mimecast, explored this question in an interactive Webinar that looks at how the threat landscape has evolved – and what we can expect in 2019 and beyond.
An interview with CSO's David Braue and Ian Yip, Chief Technology Officer, McAffee.