According to research conducted by NowSecure, 35 per cent of mobile communications are unencrypted, 43 per cent of users do not use a passcode, PIN or pattern lock on their mobile devices, and every fourth mobile app has at least one major security issue. Given the vast amount of valuable and sensitive information transmitted via…
The Internet of Things (IoT) is set to explode There are currently 8 billion IoT devices in circulation. Studies suggest that this number will exceed 25 billion by 2020. Research conducted by Gartner in 2016 indicates that more than 50 per cent of key business systems and processes will feature some component of IoT by…
In the digital age, data security is paramount to every business. On-premise servers were the business technology model in the past, but there are more choices now. For the last several years, a debate has flowed through businesses. How will cloud computing affect them? Should they adopt a public cloud approach, opt for private cloud,…
Is your cyber security strategy mature enough to handle a sophisticated threat? Many organizations would likely say no. 2016 had “an all-time record high of 1,093 breaches“, according to the Identify Theft Resource Center. Skimming and phishing were among the most prevalent hacking techniques. Despite the rising numbers of organizations that are impacted by sophisticated threats,…
After nearly 20 years of trying and billions of dollars in investment, why are organizations are still struggling with cybersecurity? In fact, the problem seems to be getting worse, not better. Answering this question requires moving beyond a purely technical examination of cybersecurity. It’s true that the technical challenges are very real; we don’t know how…
Artificial Intelligence (AI) has emerged as the key buzzword for 2017, with experts in numerous fields either praising its transformative potential or expressing apprehension about its inherent danger. Whether a threat or a boon, the disruptive power of AI is clearly felt, and no more so than in the area of cyber security. AI security…
Damages caused by cybercrime are projected to cost the world US$ 6 trillion annually by 2021.This is a steep increase from US$ 3 trillion in 2016. The global cost of ransomware damage is expected to exceed US$ 5 billion in 2017—a 15 per cent increase from the US$ 325 million in 2015. Healthcare is the most frequently…
Kuwait is becoming increasingly concerned over the threat posed by cyber attacks against its strategic oil and gas industry, along with other sectors of the economy, with greater training of staff and improved technology seen as vital front-line defences to ensure cyber security. Kuwait’s Minister of Oil warned on May 24 that the country’s future…
Regional and global trends indicate people are conducting an increasing number of transactions over digital networks and storing more of their data online. This has shifted the security requirements of governments, corporations and citizens alike, as high-profile security breaches at large corporations and government offices around the globe have brought the issue of securing digital content into focus over the past decade.
Kuwait, which depends heavily on its oil and gas industry, is particularly aware of the need to improve the protection of its assets and information through a greater focus on digital safeguards and cybersecurity. The Kuwait Petroleum Corporation – the country’s national oil and gas company – and energy majors across the region have seen a rise in the number of cyberattacks in recent years. In 2012, Saudi Aramco, the world’s biggest oil producer, was hit by a major virus that wiped out data on some 30,000 workstations.
In 2013, oil and gas companies across the Middle East, including Saudi Arabia, Qatar and Kuwait, received warnings of impending cyberattacks on their systems in protest of rising oil prices in the US. Furthermore, in 2014 there were several high-profile threats on Kuwait and its neighbours from another group of hackers based in the Middle East that were protesting the use of the US dollar to buy and sell oil and gas.
DEMANDING PROTECTION: Businesses and government agencies in Kuwait and across the GCC are increasingly demanding services that help protect on-site data and information stored at remote locations via the internet. Modern enterprises and industries are highly dependent on complex integrated computer systems that are connected through the web, making them vulnerable to cyberattacks.
Despite evidence of the vulnerabilities in IT systems and the growth in demand, Kuwait is still not prepared for sophisticated cyberattacks. A survey conducted by Gulf Business Machines in 2013, for example, highlighted that while 71% of IT experts in Kuwait believe the country will be a target for hackers, nearly one-third of businesses do not have adequate systems to secure their data. Still, helping companies and government agencies protect against cyberattacks is a growing business in Kuwait and the broader region. MarketsandMarkets, a market research firm, indicates that the Middle East cybersecurity market is worth over $5bn and is expected to grow to almost $10bn by 2019.
MARKET SEARCH: Western cybersecurity firms have actively targeted Kuwait to encourage the development of systems and processes that help protect against cyberthreats. The US, home to a number of major global cybersecurity firms, has identified Kuwait as a major market for cybersecurity exports. A 2014 report from the Virginia Economic Development Partnership identified key opportunities within surveillance, scanning and security systems as well as consulting services for planning and security management. The report estimates the market for cybersecurity solutions will be worth $1bn in Kuwait alone.
Booz Allen Hamilton, an American defence consulting firm, established a cyberoperations office in Kuwait in 2012 to pursue security projects for the government and for commercial partners. Other American firms, including Lockheed Martin and Raytheon, have also started developing programmes to support cybersecurity initiatives in Kuwait. British firms are also eyeing the market following a $2.4bn deal between the two governments to share expertise on security. Known as the Kuwait Security Programme, the deal includes a major focus on cybersecurity.
Although cybersecurity will remain a challenge for the future of the ICT sector, it will also bring significant opportunities for new businesses to provide protection against cyberthreats. In addition to the bigger opportunities within Kuwait’s big oil and gas projects, the government’s push to establish a strong digital presence, evidenced by efforts to shift a number of functions online under various e-government initiatives, will require a number of core cyberprotection services and should help incubate a local cybersecurity industry.
Paul McCartney wrote “The Long and Winding Road” while the Beatles were in the throes of dissent and months away from breaking up. Listening now to the song’s yearning lyrics and plaintive melody, is it possible that Sir Paul actually anticipated the NIST Cybersecurity Framework’s Recover function, and was imagining the category titled Recovery Planning?
I’ve Seen This Road Before.
With this simple reflection, McCartney eludes to the fact that hackers will attempt either to retain or to regain persistent access. In the absence of effective ways to eradicate or contain the adversary prior to recovery, network defenders will travel down the same roads of Detect and Respond over and over again.
For this reason, NIST recommends that, prior to launching recovery efforts, companies identify the root cause of a cyber event, understand the adversary’s objectives, and evaluate the measures the company has taken to better detect and block the intruder in the future. NIST also highlights the importance of the recovery team coordinating with the incident response team, so that recovery efforts are not futile, do not alert the adversary, and do not destroy forensic evidence.
Anyway, You’ll Never Know the Many Ways I’ve Tried.
Clearly, this lyric is a cry for better metrics. In this regard, NIST suggests building measures around distinct areas of recovery, such as lowering the costs of an incident, improving risk assessments, and improving recovery activities. Metrics might include tracking lost sales due to business disruption, hours of employee downtime, the number and types of incidents that were not adequately anticipated in prior risk assessments, and the time taken to achieve restoration.
It also is important to recognize the value of preparation. Pre-existing documents often include Business Impact Analysis assessments and Business Continuity Plans, as well as a ready summary of corporate Service Level Agreements (and the consequences of not meeting them). In this way, mature information security programs are able to pre-identify those assets that are most critical to the organization’s mission, map out their dependencies, and determine their order of restoration in the event of disruption.
Before an incident, NIST also recommends that organizations conduct “what if” exercises that include scenarios gleaned from headline cyber events. Done well, tabletop sessions help organizations identify and resolve gaps prior to an incident and, in the words of NIST, “help to exercise both technical and non-technical aspects of recovery such as personnel considerations, legal concerns, and facility issues.”
Why Leave Me Standing Here, Let Me Know the Way.
Recovery plans should offer a sense of direction. They should define key milestones, to include the criteria for their completion. Doing so also should establish when the Recover function is complete, allowing team members to return to their normal jobs.
Finally, readers who are interested in learning more about this topic might check out NIST’s recently published Guide for Cybersecurity Event Recovery. It’s free, and best read on a wild and windy night.