How to Prepare for Cyber War

Cyber security continues to top the list of concerns for governments and businesses around the world. But what actually constitutes a cyber attack? To some industry experts, “cyber wars” occur when IT security is breached and the criminal party commits information theft, espionage, or the destruction of data, systems or physical entities.

“What constitutes cyber war, depends on scale and genesis,” according to Michael Chertoff, former U.S. Secretary of Homeland Security, as quoted in a recent Computer Weekly article. And while there is no single fix to the cyber war problem, there are assessments that can be made in order to be prepared.

According to Bruce Schneier, chief security technology officer at BT, businesses secure against risk up to the value of the business. After that, he said it’s up to the government to fill the gap. Unfortunately, that doesn’t always happen, as government oftentimes wait for a catastrophic event before taking action.

The problem should be handled one step at a time. Chertoff suggests that stakeholders identify specific problems, such as insider threat or threats to the supply chain, and then determine methods to mitigate those risks.

“Public and private organizations have to start thinking about disaffected people on their networks who may want to compromise those networks or information stored on them for their own purposes,” said Mike McConnell, executive vice-president at consultancy firm Booz Allen Hamilton, in the Computer Weekly article.

The bottom line: In the face of cyber war, policies must be put into place focusing on what would be a reasonable response to cyber attack.

For more lessons learned on cyber wars and more tips on how to prepare against cyber security breaches, read the full article: 
http://www.computerweekly.com/Articles/2011/02/22/245543/
Analysis-Prepare-for-cyber-war.-But-what-does-it-mean.htm