| Azaraimy HH |
THE inaugural Cyber Security Forum Brunei has helped paint a clearer picture of the cybersecurity threats and challenges as well as strategies in addressing these issues.
Royal Brunei Technical Services (RBTS) CEO Hjh Rosmawati binti Hj Manaf noted the forum was created with a vision to create a platform to bring together all stakeholders in both the public and private sectors – be it business executives, government officials, IT professionals or cyber security experts – to discuss and address trending issues in cybersecurity, in hopes that it will help people better prepare themselves – as the forum’s theme suggest ‘Combating Cyber Security Threats.’
The forum featured many excellent speakers such as George Platsis, the Chief Administrative Officer of SRI Professionals from Toronto, Canada. He currently sits on the Board of Directors of the National Defence Foundation (Washington, DC), concurrently serving as the director of the research centre. Additionally, he serves as the programme director of the Centre of Excellence in Security, Resilience and Intelligence Management at the Schulich Executive Education Centre.
His presentation highlighted what we think of the cyber domain. As security and economy become even more interconnected, while we concurrently increase out dependency on technology, we must reconsider how the increasing threats and vulnerabilities impact us, as a solely technological solution cannot protect us.
His presentation specifically focussed on strategic challenges, in order to assist executives and senior management in their decision-making.
According to the Internet Statistics 2012 Report, there were 2.1 billion Internet users. According to a report three years ago (Sloan, 2012) a person can register 14,962 domains in 24 hours, and Google alone can detect 9,500 new malicious websites per day (Mills, 2012), and 80,000 new variant types of malicious code on the Internet every day.
He said we are moving pretty fast. The power of technology doubles every 18 to 24 months, he explained.
He believes that uncertainties will continue to grow; with more opportunities, but less assurances.
He also demonstrated the evolution of cyber threats: In the 1990s there were viruses, in the 2000s there were worms, in 2008 and after, there were Botnets. Today, there are APT, Insiders.
In the early days, hackers were made up of young people who would do it for fun, hacking business organisations to play games. Then, crime syndicates began to take notice of the benefits of hacking. They started employing hackers, paving the way for white collar cybercrimes.
He underlined the importance of creating policies to restrict physical access to information assets, to configure network devices and services to prevent unauthorised access, to assign incompatible duties to different individuals or groups so that no one individual can controls all aspects of the information system, and to maintain and test continuity of operation plans.
He also called for the smart use of the Internet, noting that pirate search engines have advertisements from Fortune 500 companies, including targeted ads from ISPs that are attractive to high bandwidth users. Nearly a fifth of all Internet traffic is from peer-to-peer file-sharing.
With the economy and security linked, he believes it makes economy and cyberspace the 21st century weapons.
He said every country is at risk, Brunei included. Do not underestimate the power of strong policies and well-founded education.
Another excellent speaker was Michael Daly, the Chief Technology Officer Cyber Security and Special Missions – Intelligence, Information and Services (IIS), Raytheon Company.
His presentation was on National Cyber Security Operations Centers: Information Fusion for Security and Success.
He highlighted that success in today’s landscape requires more than just the application of the newest technologies and a deliberate blend of people, process and technologies to ensure organisations, whether they be nation-state governments or businesses, can stand-up to all types of cyber threats and continue operations to leverage the benefits of the global information environment.
Properly implemented cybersecurity operation centres deliver the comprehensive means to make sense of an information environment for better leadership decision-making and can include advanced analytics including open-source intelligence collection as well as the means to reverse engineer malware and conduct forensic analyses, all of which lead to better defences.