Learn three vital steps all agencies need to take toward building a stronger security intelligence.
BY IBM | SEPTEMBER 17, 2014
As new, more advanced technologies make it easier for us to store and access information, this technological ease and convenience also creates new opportunities for security breaches that can affect thousands or millions of people in a single attack.
There were more than 1.5 million monitored attacks in the United States in 2013, according to the IBM Security Services 2014 Cyber Security Intelligence Index. Sometimes these incidents are complicated cyber attacks from large-scale, sophisticated sources. Other times, the massive damage is carried out in a simple, straight-forward manner, such as when a Chinese 2013 report of government data security breaches revealed that a tax bureau employee secretly copied resident information from the bureau’s intranet onto a USB memory drive and sold it.
However, while most people are aware of the risks a cyber breach can have on national and regional security, the damaging effects on economic vitality is less known. As technology continues to play a key role in economic development, government organizations that prove to be vulnerable against cyber attacks risk damaging their reputations and can be challenged to attract new businesses or retain current local companies. Businesses are hesitant to locate in a municipality that, for example, has not protected its online permit applications from hackers. People will not want to work in a region that is unable to provide services because of a security failure or that can’t protect its tax-paying residents from hackers.
What should government agencies do to protect their reputation and economic vitality? All government organizations — from the local, municipal, regional and national level — should keep a sharp focus on optimizing security intelligence to prevent inadvertent and deliberate security incidents. Below are three vital steps all agencies need to take toward building a stronger security intelligence:
1. Get informed
Agencies need to address IT security risks before incidents occur. This includes a focus on identifying key threats, reviewing existing security risks and challenges to the agency’s data, enforcing risk management processes and common control frameworks, executing incident management processes when crises occur and empowering proper experts to maintain regular communications about security-related issues.
2. Get aligned
Being informed about security risks doesn’t stop with your organization, but actually extends to those you serve. A security intelligence plan includes key stakeholders, citizens, employees, auditors and regulators.
3. Get smart
While defending your systems is crucial, the most innovative agencies need to go a step beyond and use predictive analytics to detect any advanced persistent threats. The data analytics need to also identify previous breach patterns to predict potential areas of attacks, keep a close eye on suspicious employee behavior and monitor external environment.
After taking proper precautionary safety steps, the most innovative security intelligence should have the following capabilities:
- Real-time flow analytics. Traditional logs may allow agencies to study past activity to identify trends, but flow analytics can track and monitor user behavior, social media usage, mobile activity, and cloud activity, which can all be crucial areas to keep a close eye on when sensitive information is at hand.
- Predictive analytics and pre-exploit awareness. Data mining is crucial to identify unusual trends and patterns in behavior.
- Anomaly detection. These tools can uncover activities and behaviors beyond what’s expected.
- Data source integration and visualization. The most prepared agencies know they need collaboration among various data sources to spot threats.
- Management of all endpoints, including mobile devices. As mobile devices have become key to stealing damaging data, an underlying framework is needed for organizations to respond quickly to security threats.
The bottom line is, don’t wait for a security breach before taking steps. The best, most innovative agencies understand they need to take preventive steps or risk losing their reputation as well as economic vitality for years to come.
For more information, read the white paper, “The economy of security: How physical and cyber security drive economic vitality.”
IBM | Published as a part of the Smarter Government initiative.
laurenm@us.ibm.com | https://twitter.com/IBMSmartCities
laurenm@us.ibm.com | https://twitter.com/IBMSmartCities
www.governing.com
No comments:
Post a Comment