In Greek mythology, Cassandra was gifted with the power of prophecy but cursed so no one would believe her. In the Fall of Troy, she warned the Trojans of Greek warriors who were hiding within the Trojan Horse, but her warnings went unheeded. Had the Trojans listened to Cassandra’s divination, they would have never brought the Trojan Horse into the city, and the kingdom may never have fallen.
Taken to the modern world, cybercrime is an ongoing threat to businesses and public agencies alike; if governments and businesses had advanced warnings of cyberthreats like a Cassandra, they’d be much better prepared to deal with them. In the absence of a prophecy, organisations need to take a proactive approach to address these threats so they have sufficient time to respond.
In this opinion piece, Sascha Giese, Head Geek at SolarWinds, shares five ways governments can prepare for attacks before they happen.
1. Preparing for the worst-case scenario
Governments can’t predict exactly when or what the next cyberattack will be, but they can ensure they’re prepared for the worst. This means assuming an attack will happen, minimising the risk, and mitigating possible impacts.
The first step is to evaluate the risks and subsequent potential damages of a hypothetical attack. This will help IT teams convince organisation leaders of the importance of cyberdefense and encourage them to implement stronger cybersecurity measures.
Next, organisations need to evaluate the current strengths and weaknesses of their cybersecurity programmes by diligently examining all their software programmes and flagging any which don’t have the latest security patches. This allows them to fix any cybersecurity gaps before attackers can exploit them.
For example, GovTech Singapore tests all commercial defense software programmes for security flaws before the Singapore government uses them. If flaws are detected, its Advanced Cyber Attack Simulation team will inform the relevant vendors so they can improve their product, wrote GovInsider.
Organisations should also pay close attention to how quickly IT teams respond to attacks.
The Cyber Security Agency of Singapore (CSA), for instance, conducts a nationwide cybercrisis management exercise once every few years to improve the nation’s response to attacks. Organisations across critical sectors, including government, healthcare, and banking, go through simulated disruptions in internet connectivity or the communications network, wrote CSA in a press release.
“These exercises help to enhance incident response processes and communication across sectors,” said CSA’s Chief Executive, David Koh. This helps them respond effectively in the event of a cyberattack, he adds.
2. Knowledge is power
It’s difficult to protect what organisations can’t see. It’s important for them to know exactly what requires protection and at what priority level. Organisations must define their key applications, systems, data, and employees across their entire organisation, enabling their IT teams to put monitoring and access processes in place to protect each person and application.
For example, health records contain a vast amount of sensitive data, which in the wrong hands can lead to a lucrative payday for criminals. Consequently, healthcare institutions need to identify what type of information they’re storing and where this data is stored, heighten security around these items, and regularly review their security procedures.
It’s impossible to secure everything, but identifying and protecting high-priority data should be the top priority for organisations.
3. Implement stringent cybersecurity measures
Teams need the right technology, processes, and effort to improve security and reduce risk. Government agencies can introduce regulations to help staff members implement these technologies and processes across all their departments.
Meeting these regulations ensures senior teams consider cybersecurity a high priority while providing guidelines to help reduce the risk of future data breaches. Governments should also consider implementing guidelines or regulations to help organisations stay ahead of cyberattacks. This can include mandating antivirus programmes on all devices, regular patching of software, and having a comprehensive business continuity plan in the event of an attack.
Countries in Southeast Asia like Singapore, Malaysia, and Thailand have all implemented variations of the laws protecting an individual’s personal data. These Acts set rules to guide how organisations can collect and use the personal data of individuals within the respective country and impose fines when companies have been negligent. This further pushes companies to implement all necessary proactive steps to protect sensitive data adequately.
Another tip for staying ahead of cyberthreats is to have proactive, periodic updates. Cybersecurity teams should review protocols regularly to keep security processes up to date.
4. Bring employees on board
As cyberattacks become more complex, cybersecurity technology and processes are only one part of keeping companies and agencies safe. Employees are the next line of defense. Organisations can offer regular security training to employees and encourage good habits, like changing passwords frequently or using different credentials for each account.
Government agencies can also consider building a knowledge base in the form of a website or portal. This will ensure every staff member has access to the skills needed to identify and avoid cyberthreats.
Certifications are another way to help staff members stay on top of cybersecurity best practices. The Information Systems Audit and Control Association (ISACA), for instance, provides cybersecurity training and certification across various sectors. As the threat landscape evolves, organisations must continue upskilling their employees and instill good cyber practices.
5. International and regional cooperation
Since cybercrime is a borderless crime, it’s vital for organisations to find allies nationally and internationally in this fight. Keeping in touch with a larger community of security experts will help everyone stay on the cutting edge in the fight against these malicious actors.
The Association of Southeast Asian Nations (ASEAN) Cybersecurity Cooperation Strategy, for example, lays out a roadmap for strengthening regional cooperation among ASEAN nations to tackle cyberthreats jointly. The Strategy includes a regional cybersecurity awareness programme and sets regional cybersecurity guidelines for emerging tech like 5G and the Internet of Things (IoT).
Organisations may not have the gift of prophecy, but they don’t need to be cursed to a fate of ill preparation. While they may not have precise information on cyberthreats, governments and organisations can ensure they’re prepared to deal with these threats through ample preparation and ongoing evaluation of their risk profile.