I have come across this article today - 4 factors for avoiding cyber espionage attacks. Good points... but I do have a few comments.
1. Data Policy
Yes. Define your data policy and its classification. Most of the time, the Business is the one accountable to set it, and (unsurprisingly) most of the time they failed to do so. Hence, it is our job as a information security professional to do due diligence to help them set one.
2. Bring Your Own Device (BYOD)
Need me say more? I had written a few pieces about the risks of BYOD. Go check it out :)
3. Protect your critical infrastructure
Separation of network with the intellectual property from the rest of the network is like security 101. However, to do so, you'll need to know what you want to protect first. So the question is - how do you know? See point number 1. It's all starting with data classification - I will say it is security 100. Do a risk assessment on your data, then you'll know what to do with the risk. To mitigate or to accept.
4. Monitor for unexpected behavior
Right. Not an easy one. You'll need to know what to look for. One might say Data Leakage Prevention (DLP) is the answer but I have yet to see a real return of investment on DLP solution. It's a pain in the XXX to get it implemented. Too many false alarms. Need full time resources to monitor etc.....
Monitoring is only effective if you know what you want to monitor. Perhaps, you'll need a holistic and overarching (my auditor friends love this sentence, like it is crafted in their gene or super-glued to their head. Stuck there forever, like a BFF ) monitoring in place (See the tongue in my cheek?). In a lay man term, that would mean having the right people, process and technology in place...
Before I keep my fingers off the keyboard. I have another point to add:
5. Awareness
Educate you employees (not just those IT folks, but all employees, including your cleaners) on how to spot someone potentially casting a cyber-espionage spell or charm on them. Educate them how to react, what to do not, who to report the suspicion to etc.... The people is always the weakest link.
Acknowledgement - photo taken from http://en.wikipedia.org/wiki/Spy_vs._Spy
No comments:
Post a Comment