Preventative Cyber Measures Require More than the Mere 'Whodunit'
The information shared about a cyberattack should include how a company’s digital defenses were breached to discover how such an incident could be prevented in the future.
Preventing cyberattacks through information sharing between the public and private sectors should involve more than the simple whodunit, according to a recently released study by the RAND Corporation.
The information shared should include how the company’s digital defenses were breached to discover how such an attack could be prevented in the future, according to the study called, “The Defender's Dilemma: Charting a Course Toward Cybersecurity.”
Many businesses have hardened their cyber defenses in recent years as the barrage of assaults continues. The Obama administration says one key to staving off these attacks is through information sharing between the public and private sectors.
But the focus, so far, has revolved mostly around sharing threat signatures, such as IP addresses and malware hashes, according to the study, which was sponsored by Juniper Networks, a corporation that develops networking products.
The information-sharing tactic is only effective if the signatures come from specific hacker groups, don’t evolve over time and are possible to detect, according to the report.
The study’s researchers interviewed 18 chief information security officers about cybersecurity challenges.
“A community that is prepared to share what went wrong and what could be done better could collectively educate the world’s CISOs and promote higher levels of cybersecurity,” the report stated.
Most CISOs interviewed did not think the federal government could help them stop these cyberattacks, according to the report. Instead, they said they should put their energy into keeping watch over their network security on a daily basis.
For all businesses, the price for managing the risks associated with cybersecurity is expected to increase by almost 40 percent during the following decade, according to the report.
Funding cybersecurity is a game of balance. If entities spend too much on tools to protect against attack, when the group is hit by the inevitable attack, they’ll have little funds available to recover.
It's somewhat of a guessing game, because “even though organizations know most of the costs of cybersecurity, how many attacks or how much damage they have avoided is far less clear,” the report stated.
(Image via Maksim Kabakou/ Shutterstock.com)