
CIA: Who is watching out for you?

Adam Neale, Chief Operating Officer, EB2BCOM | May 4, 2015
It's time for IT security teams to be more vigilant and start behaving like the CIA, argues Adam Neale

For most people, the acronym CIA refers to the Central Intelligence Agency, that shadowy organisation that looks after US intelligence matters. It's the same agency that conspiracy theorists accuse of being complicit in many of the country's worst moments in history.

For technologists, CIA stands for something completely different — confidentiality, integrity and availability — three things that are crucial to the security of your business.

Let's break this down. Confidentiality refers to the ability to hide information from unauthorised people. You can do this through cryptography or encryption.

Integrity ensures that data remains unchanged and is an accurate representation of the original documentation. And availability guarantees the information is readily available to authorised viewers.

This triad allows those dealing with technology-based security issues to actually act like a CIA agent and follow the signals sent by a company's security software.

How do you follow security software signals?

You put the right people in place to monitor security alerts. The best thing an organisation can do is nominate a trusted administrator who is alerted every time a server goes down or a dodgy Russian bride or Nigerian prince sends an email and accesses the system.

The nominated person may be the document owner, a security officer, a manager, or even the GM, and they should determine who is on the security list.

Think of the nominee as the bouncer at the door of your favourite nightclub (when you were partying hard through your late teens and 20s). Nightclub security is some of the most stubborn in that industry — you won't get past them if you're looking a little suspicious. That is what you want from your gatekeeper — stringent checks and ruthless monitoring of who comes and goes.

This doesn't always work, as evidenced by the atrocious monitoring by Target staff in 2013, when they missed the biggest retail hack in history.

When some bright spark installed malware in Target's security and payments system to steal every credit card used at the company's 1,797 US stores, it left customers extremely vulnerable.

Despite some of the most rigorous security measures undertaken by any global entity, and alerts from FireEye, the security company that looks after the Pentagon, Target's security officers missed their mark.

In fact, it wasn't until they were alerted to the breach by the US Department of Justice that they knew anything was wrong. This is despite FireEye's alerts from 30 November and more from 2 December, when hackers installed yet another version of the malware.

Those alarms should have been impossible to miss. The signals went off before hackers had begun transmitting the stolen card data out of Target's network.

 
