Training

Cyber threat landscape report

by Mark Rowe

ENISA, the EU’s cyber security agency, has released the 2013 version of its annual threat landscape report.

Visit the ENISA website.

Based on open source material, the 70-page report highlights the cyber threats of 2013, identifies emerging threats and details open issues, such as the fact that end users lack basic security knowledge; the need for greater coordination of information collection, analysis, assessment and validation of data, and the importance of increasing the speed of threat assessment and dissemination.

In critical national infrastructure (CNI) the Euro-body stresses the overlapping issues of safety, physical security vs. cyber security. The report notes that current practices in cyber security measures are based on the assumption that a cyber-security strategy should minimize exposure of as many threats as possible. By transferring this approach to the automotive sector, it is as if one tries to build a car that survives all accidents unscathed. IT-infrastructures need to be resilient and robust to successful attacks without suffering severe impact regarding their availability, integrity and confidentiality, the Euro-body says.

In brief

Threat agents have increased sophistication of their attacks and their tools.

It has become clear that maturity in cyber activities is not a matter of a handful of nation states. Rather, multiple nation states have now developed capabilities that can be used to infiltrate all kinds of targets both governmental and private ones to achieve their objectives.

Cyber-threats go mobile: attack patterns and tools that targeted PCs a few years ago, have been migrated to the mobile ecosystem.

Two new digital battlefields have emerged: big data and the Internet of Things.

That said, awareness for cyber threats has increased, especially within security professionals. Albeit being a result of a more efficient collection practices from ENISA’s side, there is evidence that in the reporting period number, width and quality of threat information collected has significantly increased. This is a significant and important improvement in comparison to 2012, ENISA says.

Apart from providing guidelines on how to protect systems against the technical threats enumerated, any additional response to industrial espionage and state sponsored surveillance is not in ENISA’s mandate.

About ENISA

European Union Agency for Network and Information Security (ENISA) is a centre of network and information security expertise for the EU, its member states, the private sector and citizens. Based in Crete ENISA works with these groups to develop advice and recommendations on good practice in information security. Visit www.enisa.europa.eu.

Comment

Ross Brewer, vice president and managing director of international markets at LogRhythm , has said of the report: “As has been the trend this year, this report once again exposes the fact that not enough is being done by businesses to protect themselves from the extensive range of cyber threats they face today. The fact that one of the open issues relates to a lack of knowledge among end-users worries me – because by now, every organisation should be educating their employees on IT security best practices. Barely a day goes by without reports of some form of cyber attack taking place and organisations really need to sit up straight and learn from past mistakes as we prepare to enter a new year.

“Too many organisations are still over-reliant on traditional security tools, such as anti-virus, but it is a proven fact that these cannot combat the myriad of techniques being constantly developed by hackers. Instead, businesses should be making a point of actively protecting their networks as after all, it’s them that will suffer the consequences of a successful data breach – both financial and reputational. What is more, as ENISA points out, far more knowledge sharing is required if we are going to be successful at beating cyber criminals, as only once all the pieces of information are combined and put into context can we gain true intelligence.

“The only way to address these issues is by having constant 360 degree visibility into any activity taking place on the IT network. Such granular insight allows any anomalous activity to be identified in real time and remediated immediately – rather than after the damage has been done. Taking this approach will also provide organisations with vast amounts of information that can be forensically analysed in order to understand the context of the threat in greater detail. There is no doubt that we need to work together to fight this battle – failing to do so will only ensure mistakes are repeated and the open issues will never get closed.”

Related News

  • Training

    Investigation morning

    by Mark Rowe

    Workplace security investigations techniques are the topic of the latest morning seminar at Loughborough University on Thursday, March 27, run with the…

  • Training

    Wilf Knight Award

    by Mark Rowe

    The annual Wilf Knight Award, presented as part of the IFSEC Security Excellence Awards in London each November, went to James Eaton.…

  • Training

    Red Team/Blue Team for cyber

    by Mark Rowe

    The European Network for Cyber Security (ENCS) has launched a new Red Team/Blue Team (RTBT) cyber security training. It casts participants as…

Newsletter

Subscribe to our weekly newsletter to stay on top of security news and events.

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing