Ignorer kommandoer på båndet
Gå til hovedindhold
< BACK

On Cyber Warfare

We are engaged in a cyberwar on many fronts, a war without end. In conventional warfare, defenders should appear weak where strong, strong were weak and be ready to reinforce weak areas. Humans have engaged in conventional warfare for thousands of years. Cyber warfare is a newcomer. In this NNIT Security Insights article we look at similarities and some of the insights to be gained from such a study.

The Settled Defense

 

Cyber defenses are similar to conventional defenses in many ways. For example, the security measures put in place are often fixed fortifications. They include firewalls (fortified checkpoints), intrusion detection systems (radar/sonar installations), patch management & hardening activities (barbed wire and moats), and so on. Personnel are trained to be vigilant and to execute according to standard operating procedures to ensure at consistent and reliable outcome even in stressful conditions.

Cyber defenses are formed to mitigate the threat landscape at the time of their implementation - but threat landscapes constantly evolve. When driving through Europe, the landscape is dotted with fortresses built to keep out besieging armies. They were built to keep out cavalry and infantry. Against modern armies, they offer no protection. Cyber defenses, too, often change only slowly and therefore risk losing ground to evolving threats.

The Consequences

Fixed fortifications can be probed. Given time, persistent intruders will worm their way through even the most vigilantly maintained security defenses.

So what is needed is a clear and updated asset overview and the flexibility to quickly adjust the cyber defense to evolving threats. This dynamism will deny attackers the advantage of defense predictability.

Battlefield Clarity

This is a challenge in our cyber war. We often rely on an incomplete and outdated overview of assets and accept an information latency that only benefits attackers. In order to deploy our cyber defenses effectively to fight current threats, we need a clear and updated overview of our assets and the associated risks. We can achieve this, and more, through an Enterprise Information Security Architecture (EISA).

Enterprise Information Security Architecture

EISA is the mapping of company assets into a framework that links personnel, systems and processes across the organization. Among the benefits are:

It highlights missing ownership of business processes and assets, 

It highlights cascading or aggregate risks, where one vulnerability impacts one or more entire business processes or the sum of the risks is huge, and

It makes it possible to set measurable risk indicators at critical process and asset junctions, which clearly links the impact of potential incidents to business revenue, legal and recovery costs, and employee motivation.

With this overview, we can better adjust our cyber defenses to protect the business assets and processes most at risk.

One Pasture at a Time

Rome was not built in a day and neither is an EISA. It takes time and it takes resources. It also takes thinking to get it right.

One good approach is to start with a classic identification of our most critical business objectives and map the supporting business processes, identified systems, processes, personnel and identified risks. This will give us the updated overview we need to evaluate and plan our defense.

The use of an electronic Enterprise Architecture mapping system can assist by giving us the advantage of multi-dimensional business process overview and business objective versus risk reporting. It can even offer direct user feedback from employees, thereby giving us real-time, relevant and unfiltered information about conditions at the front.

For most organisations, this facilitates the realisation of the holistic and adaptable approach to cyber security defense which is often advocated by professionals but rarely operationalised. But holistic and adaptable it must be to avoid the exploitation of weak areas by attackers which have become so commonplace.

About NNIT Security Insights

NNIT Security Insights is a regular column where prominent NNIT IT security advisors share their thoughts on current and future IT security challenges and how to deal with them.

NNIT has its own Computer Emergency Response Team (CERT). If lightning strikes, we have the necessary competencies in-house to respond and assist. We have also developed a range of services that can help businesses to achieve the right level of security protection to protect the business from financial and reputational damage.

You are welcome to contact us at nnitcontact@nnit.com if you want to know more about how NNIT can help your business increase its information security level.


 



 

 

Helge Skov Djernes+45 3075 8868 hfsd@nnit.comInformation Security Management Consultanthttps://www.linkedin.com/in/helgeskovdiernaes/Helge Skov Djernes

 

 

NNIT Security Insightshttp://www.nnit.dk/cybersecurity/Sider/nnit-security-insights.aspxNNIT Security Insights
Risky Business?http://www.nnit.dk/ArtiklerOgOfferings/Sider/Risky-Business.aspxRisky Business?
​Ransomware 101http://www.nnit.dk/ArtiklerOgOfferings/Sider/Insights.aspx​Ransomware 101
Cybersecurity Awareness – The First Line of Defense​http://www.nnit.dk/ArtiklerOgOfferings/Sider/CybersecurityAwareness.aspxCybersecurity Awareness – The First Line of Defense​
The Fine Art of Aligning Business Strategy and Information Security Strategyhttp://www.nnit.dk/ArtiklerOgOfferings/Sider/The-Fine-Art-of-Aligning-Business-Strategy-and-Information-Security-Strategy.aspxThe Fine Art of Aligning Business Strategy and Information Security Strategy
​Privacy – why it is worth fighting forhttp://www.nnit.dk/ArtiklerOgOfferings/Sider/Privacy.aspx​Privacy – why it is worth fighting for
​The C.I.A. of application security!http://www.nnit.dk/ArtiklerOgOfferings/Sider/ApplicationSecurity.aspx​The C.I.A. of application security!
Migrate to Cloud Services without Jeopardizing Security and Compliancehttp://www.nnit.dk/ArtiklerOgOfferings/Sider/MigratetoCloudServices.aspxMigrate to Cloud Services without Jeopardizing Security and Compliance
​​​Building a sustainable defence: How to secure your operational technology (OT) environment​http://www.nnit.dk/ArtiklerOgOfferings/Sider/BuildingSustainableDefence.aspx​​​Building a sustainable defence: How to secure your operational technology (OT) environment​
How to Keep Industrial Computer Systems (ICS/SCADA) Running in an Age of Cybercrime?http://www.nnit.dk/ArtiklerOgOfferings/Sider/How-to-Keep-Industrial-Computer-Systems-(ICSSCADA)-Running-in-an-Age-of-Cybercrime.aspxHow to Keep Industrial Computer Systems (ICS/SCADA) Running in an Age of Cybercrime?