Cybersecurity and Network Situational Awareness
Author:
CSC World Magazine
Life is full of surprises. In IT, few know that better than those in cybersecurity. As the world becomes more connected and organizations experience massive increases in infrastructure access points due to innovations like the cloud, mobile devices, the new Internet Protocol (IPv6), and “x” as a service offerings, the ability to rapidly counter threats to an operation continues to challenge even the best technologists.
That’s why many stress the importance of awareness. It’s an idea moms have touted for millennia — ‘be aware of your surroundings’— and something just as relevant to IT. Referred to as “situational awareness,” this level of alertness is all about knowing what’s happening within your enterprise as well as in the outside world.
“You cannot think about situational awareness strictly within the confines of your own network or enterprise any longer,” says Carlos Solari, CSC vice president, Cyber Technology and Services. “The challenge is how to correlate the threat information that’s available in the larger picture with the sensor information you have from inside your own network.”
This is especially true as new sophisticated threats emerge, like Stuxnet. This malware, which targets industrial equipment, has infected at least 24 of Siemens’ industrial customers’ systems worldwide, including the centrifuges used in Iran’s uranium enrichment program. And while this isn’t the first case of cyber sabotage — Stuxnet was discovered in mid-2010 — some say it’s a game changer because of the amount of resources used for its development and its sophistication.
“Stuxnet has received the attention of industrial manufacturers and power producers worldwide who now realize their operational systems may be more vulnerable than they had thought,” says Sam Visner, CSC vice president and lead cyber executive. “Because of malware like Stuxnet, public awareness has increased and people are beginning to realize that having cybersecurity situational awareness is even more important — not just for general IT systems, but also to protect against threats to the IT embedded in and used for critical infrastructure.”
Recognizing emerging threats
Many nations believe these threats are real, as are their consequences. For example, the UK’s 2010 National Security Report lists “hostile attacks upon UK cyber space by other states and large-scale cyber crime” as one of the top four risk areas that should be the highest priority for action, taking account both likelihood and impact. Evidence of the UK’s cyber emphasis is the fact that even with last year’s deep budget cuts, it has committed £650 million over the next four years to cybersecurity “to give Britain a real advantage in cyber resilience.”
Continue reading about cybersecurity situational awareness in CSC World magazine.