All must share security burden
Internet | Art Coviello
Strong cyber security cannot be achieved by any of us in isolation: It's a group condition, a group responsibility.
International cooperation is needed. Chinese companies that are concerned about the safety of their digital assets must reach out to organizations they trust to exchange security information.
They need to learn what their business partners - and the partners of their business partners - are doing to protect this interconnected community's digital assets.
These three points are often true about cyber attacks: an enemy prefers to target a group's weakest members, the best places to strike are connection points, and a group is only as strong as its weakest link.
These points have been noticeable as companies and government organizations across the world face increasingly frequent cyber attacks.
We've heard about some of them, but most go unreported. Because the attacks are often executed with stealth, organizations whose security has been breached often aren't aware of it. Also, many organizations won't admit that they have been attacked.
Besieged organizations also may not realize that even the most up-to-date anti-virus programs, firewalls and other prevention technologies amount to nothing in the face of advanced cyber security attacks. Attackers can still get in.
To truly make their information more secure, organizations that have suffered cyber attacks should talk to other organizations - not just providers of information security products and services, but also close business partners and competitors. They'll often find that those they speak to have encountered attacks in which similar, or even identical, techniques were employed.
Through such exchanges, organizations can assemble more pieces of the puzzle and gain a deeper understanding of how such attacks are carried out. They may also come to be more aware of who their attackers are and what they're ultimately after. The ultimate hope is they will be able to change the outcomes of future attacks.
When organizations gain a broader perspective on cyber threats, they become less reliant on preventive technologies that are easily evaded by sophisticated attackers. They instead turn their attention to identifying and protecting their most important information assets. They invest their security resources in technical and procedural solutions that result in a faster detection of attacks and quicker responses to them.
Some organizations may believe they are unlikely targets of cyber attacks. Consider, though, that attackers often wage cyber attacks against companies in order to get at their business partners.
Cyber attackers prey on the vulnerabilities of our digital connections and are often far more aware of those vulnerabilities than we are ourselves.
In 2013, cyber security will continue to be challenged in the following ways:
Hackers are more likely to become even more sophisticated.
Our attack surfaces will expand and any remaining semblance of a perimeter will continue to wither.
Changes will occur whether security teams are ready or not.
Governments will continue to struggle to write rules concerning evidence, information sharing and the reform of privacy laws.
Nation states will continue to move past intrusion and deliberately attempt to disrupt and destroy.
Responsible people in organizations will move beyond being aware of the seriousness of the situation and obtain a genuine understanding of it.
Adopting an intelligence-based security model that includes big data and analytics will prove essential in the formation of a true defense-in-depth strategy.
This year will be one to witness our efforts toward achieving greater cooperation. The continued growth of our interconnected global economies will depend on it.
The author is the executive chairman of RSA, the security division of EMC.
(China Daily 01/09/2013 page16)