Intelligence gathering may be key against cyber attacks

18 Jan 2012

A new doctrine for defending firms against cyber attacks that could cripple IT systems is being urged by EMC: firms need to share intelligence about recent attacks in order to fight back.

Jason Ward, EMC’s country manager in Ireland, said organisations will need to take more proactive steps to prevent cyber attacks following a new report from the Security for Business Innovation Council (SBIC) – a group of leading security executives from some of the world’s largest corporations.

“Irish companies need to develop a new defence doctrine for combating advanced threats and intelligence-driven information security is emerging as the clear pathway to protect IT infrastructure.

“That means collecting reliable cyber security data and researching prospective cyber adversaries to better understand risk and learn about why and how attacks occur.

“It means developing new skills in the IT team to produce and analyse intelligence and identify normal and abnormal system and end-user behaviour in the IT environment.

“There is a need to share useful threat information such as attack indicators between organisations so that we can build comprehensive defence networks against increasingly sophisticated cyber attacks,” Ward said.

Increase in tempo of attacks

His comments come as SBIC published its ninth report based on the real-world experiences of 17 top information security leaders.

The SBIC is a group of top security leaders from Global 1000 enterprises convened by RSA to discuss top-of-mind security concerns and opportunities.

“Cyber risk intelligence is no longer just for government agencies – it is a required competency for corporate survival,’ said Art Coviello, RSA’s executive chairman.

“The tempo of recent attacks calls for urgent and bold counter measures that position organisations not only to detect advanced threats but also to predict how attacks may occur so they can take preventative steps,” Coviello said.

RSA itself came under a sophisticated cyber attack almost a year ago when hackers attempted to compromise the company’s SecureID authentication service. In August, RSA launched the RSA CyberCrime Intelligence Service.

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years