Addressing Nation-State Cyber Security Threats to the Enterprise
ago, nation-state threats could generally be identified by their
location. Nation-state actors - hackers that directly support national
governments or those that are organized crime entities hired by a
national government - have become progressively more sophisticated.
Increasingly, they pirate servers and equipment in a victim's backyard,
making it increasingly difficult to identify them or their actual
these challenges, there are steps that CISOs can take to detect
nation-state intruders. A good starting point is by defining the
"normal" state on your company's network, said Bryce Austin, CEO, TCE Strategy.
can begin to define normal network operations, in part, by having tools
on their network to help them define what sort of traffic they have on
the network, the source that is behind the traffic, and where it is
headed," said Austin.
that, a new generation of network firewalls created by companies such
as Palo Alto Networks are demonstrating their worth in real-world
scenarios, said Austin. "We usually don't hear about successful
stoppages in the news because no one likes to talk about how they were almost breached but were able to thwart the attack," said Austin.
communicate nation-state threats to the board of directors and the
level of preparedness that a company has to deal with such threats,
Austin advises ensuring that CISOs have an ongoing relationship with law
enforcement, and an incident response plan on when and how to partner
with law enforcement on nation-state threats.
also critical to help the board understand what the potential
liabilities are to the company from this type of threat," said Austin.
can take many forms, from loss of confidential data, fines from
regulation violations, lawsuits from those impacted by a breach, an
overall loss of the value of the company (such as Yahoo), and general
reputational damage. Sometimes the risks are more specific. For
instance, Austin points to a food manufacturer that was in negotiations
to be acquired. The company's emails were hacked by a nation-state actor
from the potential acquirer's homeland to try to determine what share
price the food manufacturer might be willing to accept for an
security is about preventing those that would use your data or your
systems to gain an advantage over you. That advantage is often about
much more than just money. My role is to help my clients prevent
criminals from gaining that type of advantage."
To learn more about top cyber security trends and best practices, check out our upcoming New York and San Francisco CISO summits.