9 Cybersecurity Strategies and Insights
A partnership among George Mason University, IBM, and the National Science Foundation (NSF) has produced new research and strategic insights into cybersecurity threats and cybersecurity strategies for risk management.
Key cybersecurity strategies and insights the research unveiled:
- Industry would like to have one government entity to connect with on cybersecurity issues. Currently, depending on circumstances, an organization might need to contact the Department of Energy, FBI, the Department of Homeland Security, the Department of Defense, or National Institute of Standards and Technology.
- Too few organizations are building security and risk management into technology products before bringing them to market.
- Top company executives and board members, who typically do not have IT or cyber backgrounds, need to be educated on cybersecurity issues in order to make informed decisions.
- New targets are becoming important to terrorists and adversarial nation-states. While data theft (credit cards or identity) is still prevalent, there is a surge of more complex cases of sabotage and cybercrime.
- Information Technology (IT) priorities are different from Operational Technology (OT) priorities. Confidentiality is first for IT; availability is first in OT.
- The “defense in depth” strategy is still relevant. This strategy manages risk with diverse defensive strategies, so if one layer of defense turns out to be inadequate, another layer of defense will hopefully prevent a full breach.
- Utilities in the capital region can feel more threatened because of proximity to the seat of government. External factors, such as a city hosting an Olympics, can add risk to any utility.
- Security is the bond between digital representation (your online bank balance) and reality.
- Identifying cyber attackers is becoming easier. However, once found, how to deal with such attackers, especially international ones, is often uncertain.
“Cybersecurity has emerged as one of the biggest challenges we are facing as a nation,” said Angelos Stavrou, director of Mason’s Center for Assurance Research and Engineering and professor in Mason’s masters in cybersecurity management program. “Now is the time to turn this challenge into our next success and export it to others by investing in cybersecurity education and innovation.”
A report detailing these conclusions will be published in the coming months, similar to the one produced by last year’s conference. Download the 2014 Mason-IBM-NSF Cybersecurity Workshop Report.
Trackback from your site.