Fighting Modern Cyber Warfare with an Ancient Military Classic
War has been occurring since the beginning of mankind. Cyber attacks have been in existence since the advent of the Internet. And unfortunately, both are here to stay.
They will never go away because the motivations behind them are inextricably tied to the natural thirst of humankind for dominance, glory and wealth.
We can draw many parallels between physical and cyber war. It’s perhaps not a bad idea then to take some lessons on dealing with cyber warfare from one of the greatest military classics ever written − Sun Tzu’s Art of War.
Written by the renowned Chinese general, strategist and philosopher Sun Tzu 2,500 years ago, the book is widely referenced today by business leaders and individuals. It is a treasure trove of illuminating advice for businesses plotting to outwit their competitors, and individuals seeking to overcome their personal rivals alike. It also provides plenty of food for thought for organizations trying to gain the upper hand in cyber warfare.
Here are three Sun Tzu adages that every CIO should bear in mind:
1. Know your enemy and know yourself, and you will win a hundred battles.
If you do not know your own cyber defence capabilities, you need to identify them immediately. But that’s not enough. Having accurate and timely information on your attackers is vital. In the context of cyber attacks, this means threat intelligence is paramount.
At the recent, widely publicised White House Cyber Security Summit, US President Barack Obama called for better exchange of public-private sector threat information, and improved coordination among various bodies to fight cyber crime.
That’s good advice that countries around the world should think of heeding. Individual organizations seldom see the “big picture” of cyber attacks. They are too absorbed in stopping an attack, restoring business and IT services, and minimizing downtime. Their failure to share information with other firms lets attackers learn from each attack, adjust their tactics, and apply new techniques to new targets in their next attack.
Threat information sharing is about exchanging contexts of attacks. This is crucial because it allows organizations to understand three things − the techniques used by the attackers, the common characteristics between organizations that have been attacked, and how attackers behave once they compromise an organization. These three pieces of information will help IT security teams connect the dots and block new attacks more effectively, thus raising the security posture for businesses and consumers in general.
It is for this reason that Fortinet recently founded, with other security technology providers, the Cyber Threat Alliance, a worldwide initiative for sharing and acting on Internet threat information.
2. What the ancients call a clever fighter is one who not only wins, but excels in winning with ease.
The most basic purpose of a business is to turn a profit. A successful cyber attack not only hits your finances and reputation − it calls for a response that incurs expenses. To minimize bottom line impact, businesses need to repel attacks in the most cost-effective manner.
At the same cyber security summit, President Obama called on enterprises to better leverage modern security technologies. I exhort you to do the same thing.
Computing has changed vastly over the past decades. Networks have become incredibly complex, while the introduction of cloud-based, mobile and agile infrastructures has made security much harder to manage. Security technologies from years ago are no longer able to cope in this environment, and must be replaced.
Technology is continuing to evolve to keep pace with hackers. While we already have the ability to intelligently manage different facets of cyber defense today, the future is much more exciting. In the next few years, behavioral analysis will become mainstream in security devices. Advances in data science will let IT security teams mine information from big data environments to identify security related trends, increasing organizations’ ability to predict an attack before it is actually launched.
3. “Should the enemy strengthen his van, he will weaken his rear; should he strengthen his rear, he will weaken his van; should he strengthen his left, he will weaken his right; should he strengthen his right, he will weaken his left. If he sends reinforcements everywhere, he will everywhere be weak.”
The above sends a grim reminder of the realities CIOs face every day. Securing the enterprise is a tough job, because cyber criminals can slip in through the smallest gaps.
One of the most serious gaps confronting organizations today is the poor visibility associated with applications, users, and network services. The situation is worsening as more and more applications reside on virtual environments, and dominant traffic moves from east to west (within the data center) rather than north to south (across the boundary of the data center).
New technologies are being developed to improve visibility into a new software-defined world, where applications can be inspected within a virtual environment. As various such technologies are introduced to the market, the CIO must take time to understand what each technology is for, and learn to manage the information effectively. Otherwise, the really valuable information can be easily obscured by noisy false alarms.
The other thing enterprises can do is, of course, to educate their users.
It’s not far-fetched to say that ignorance is the greatest sin when it comes to IT security. People have often been the weak link in a firm’s overall security posture. They are also the aspect of the system most exploited by attackers. The most sophisticated security devices typically fail to prevent social engineering attacks.
Around the world, organizations that continuously train users with well-developed user awareness and education programs are starting to see a fall in common social engineering attacks such as spear-phishing. Education and user awareness building are indeed two of the most effective areas organizations can develop to mitigate cyber security risks.
Apply the above advice to your IT security strategy well, and you may greatly improve your organization’s ability to ward off global cybercrime.