Did you know this is the seventh annual National Cyber Security Awareness Month? Get out your protective gear and we’ll relate what we learned about cyber security from Gigi Schumm of Symantec at FedTalks 2010.
If you go back seven years ago to 2003 the big viruses were blaster and slammer. In those olden days hackers were usually kids looking to make a name for themselves. Now they’re often professional thieves or organized crime, possibly backed by nation states. The motives have changed as well from merely being annoying to disrupting the flow of communication to both people and infrastructure.
The methods hackers use as well as the numbers of attacks have grown exponentially in the past couple years. Symantec writes signatures, or fixes, for cyber attacks. In 2008 they wrote 1.6M signatures, which was more than the previous 16 years combined. In 2009 they wrote 2.9M signatures.
Today’s growing challenge is the proliferation of different devices such as laptops, iPads, smart phones, Kindles, etc. Users mix home and work on these devices, which complicates the challenge. Think of all the documents you receive – PowerPoint presentations, PDFs, music, movies, etc. This explosion of data confuses the situation further.
Virtualization and cloud computing – whether public or private – bring the promise of increased efficiency, cost savings and better service. But this development also “clouds” the picture for cyber security.
So what’s the next step? Gigi advises that an info-centric security model is where we need to head instead of a network- or system-centric model. It’s not enough just to build higher firewalls because of the aforementioned explosion of data and proliferation of devices. So what’s important in an info-centric model? People and information. There are four key items to help organizations move to an info-centric security model:
1. Identity security. We must pay attention to who is sending us information, what they are sending and assess appropriately.
2. Device security. Symantec has launched a reputation scoring engine, which leverages the wisdom of the crowd to determine security. If a piece of code wants to execute, the software can compare the code and score it based on its reputation. Reputation is based on things such as how long the software has been around, how many users it has on the internet and do we know that it came from a known good site. The score determines whether or not the software can run in your environment.
3. Information protection. What information needs to be encrypted, and is their data loss prevention technology in place to prevent sensitive data from leaving your environment.
4. Context and relevance. The four Ws of information – What is the most critical data? Where is the data? Who needs the data? When do they need the data? Remember that all data is not created equal. Gigi relates that private sector customers think that less than 10% of their data is critically important. While public sector is no doubt higher, it’s nowhere near 100%.