Vigilance can report that following the news that cyber security experts from industry are to operate alongside the intelligence agencies for the first time in an attempt to combat the growing online threat to Britain's firms, two IT firms-Websense and Barracuda Networks have said the Government’s initiative has come as a welcome relief to do battle with online sharks, which have before now had tended to be having a field day doing maximum damage to businesses, organizations and governments by operating in a manner that gave the impression that they were unconquerable.
“The collaboration between businesses and government to fight cybercrime can only be commended. Companies need to put aside the stigma associated with being targeted by cyber criminals and understand that its reality. It’s not a case of if; it’s a case of when, said Neil Thatcher, Information Security and Security Officer, EMEA at IT security firm, Websense.”Only when companies shift away from relying on basic security controls that can be bypassed can we say that we are making real advances in fighting cybercrime. Too much security budget is still being spent on passive security solutions that allow threats to enter and leave before being acknowledged by the security team. To gain the active security and intelligence needed, companies should invest in solutions that block attacks in real-time and have forensics to enable them to understand what was trying to be achieved.”
Mr Thatcher notes that currently, it is too easy and too lucrative for cyber criminals to attack organisations. Initiatives such as these are vital in countering the balance and making positive steps forward for businesses.
Also, commenting on the initiative, Wieland Alge, IT security pioneer, inventor of one of the most robust corporate firewalls and VP and General Manager EMEA, Barracuda Networks said: “The new anti cyber threat centre initiative, known as Project Auburn to share information on cyber threats between businesses and governments, reflects the realisation that cyber attacks are a threat to all business establishments. Any critical infrastructures could be targeted. Private and public sector companies need to have a clear and immediate understanding of the threat situation, which requires businesses tries to report attacks in full as soon as they are discovered. This sharing of attacks, vulnerabilities and damage is essential to developing countermeasures to protect others from falling prey to the same kind of attack.”
Mr Alge added: “Businesses’ protests of nervousness of revealing publicly when they have been attacked due to the potential threat of revealing trade secrets and data confidentiality are quite unfounded. By focusing on their reputation and stock market value only, they forget that what’s at stake in an attack is their customers’ data. And that means us and our data. If our data is being stolen, then we need to know about it. We stand to suffer from its misuse. We need to be aware of potential secondary attacks we might be facing with the data we thought safe with our service providers, our banks, hospitals, even the stores we shop at and media we subscribe to.”
The IT guru added: “Any piece of sensitive information about us and our behavior could be used in targeted phishing attacks – so we need all the help we can get to avoid falling victim. If industry security agencies and businesses can’t work together they will become paralysed and unable to prevent and protect our data from cyber attacks.”
Meanwhile, Jonathan Evans, head of MI5 has been quoted saying that the scale of attacks was astonishing in 2012. This, coupled with recent attacks on the BBC’s twitter account and on banks and broadcasters in South Korea is a solid indication of why the new initiative to share information on cyber attacks between businesses and governments is an overdue step in the right direction.