Tuesday, May 14, 2013

4 Ways to Defend Against State Sponsored Attacks

Enterprises Challenged to Safeguard Their Infrastructure

With reports - the latest one issued this past week from the Defense Department - that document the Chinese military and government targeting key government, military and business computer systems in the United States and elsewhere, operators of those systems face a challenge of defending their IT assets.

Security experts generally agree that the best defense against nation-state attacks needn't be tailored to a specific attacker. No one solution will help organizations to defend against nation-state attacks, whether from China, Iran, Russia or elsewhere. Still, knowing who's attacking IT systems can help organizations better plan their defenses.

One of the key differences between state-sponsored espionage and organized crime or hackers is their level of persistence and determination to break through defenses.

Security experts say fundamental cybersecurity and risk management practices, if implemented properly, should reduce the damage done from all types of attackers, including those from nation-states.

Here are four steps organizations can take to shore up their defenses against nation-states cyber-attacks, although not all of these approaches would be appropriate for each organization:

  • Avoid acquiring technology from companies based in nations that pose a threat;
  • Isolate internal networks from the Internet;
  • Share cyberthreat information with other organizations;
  • Enhance employee cybersecurity awareness programs, including testing worker' knowledge of best IT security practices.

No comments: