Protecting Nations- How to Secure a Nation as Smart Cities Grow
By Stephen Brennan, Senior Vice President, Cyber Network Defence, DarkMatter
The growing array of state and non-state sponsored actors who are compromising, stealing, changing or destroying information is increasingly blurred, potentially causing critical disruptions to information systems. The distinction between traditional threat actors—hackers, terrorists, organised criminal networks, industrial spies and foreign intelligence services—is also becoming more difficult to differentiate. A nation’s approach to cyber security is contained within its Cyber Security Strategy. The aim of the strategy is to promote a secure, resilient and trusted electronic operating environment that supports national security and maximises the benefits of the digital economy. The objectives of a cyber security strategy are that: •All citizens become aware of cyber risks, secure their computers and take steps to protect their identities, privacy and finances online. •Businesses operate secure and resilient information and communications technologies to protect the integrity of their own operations and the identity and privacy of their customers. •The Government ensures its information and communications technologies are secure and resilient. The core principles established as best practice to meet these goals include: National leadership: The scale and complexity of the cyber security challenge requires strong national leadership. Shared responsibilities: All users, in enjoying the benefits of information and communications technologies, should take reasonable steps to secure their own systems, exercise care in the communication and storage of sensitive information, and have an obligation to respect the information and systems of other users. Strategic partnerships: In light of these shared responsibilities, a partnership approach to cyber security across all governments, the private sector and the broader local and international community is essential. Active international engagement: Given the transnational nature of the internet, in which effective cyber security requires coordinated global action, corporates and individuals must adopt an active, multi-layered approach to international engagement on cyber security. Risk management: Today’s current threat landscape is truly global where all internet-connected systems are potentially vulnerable and where cyber attacks are difficult to detect, there is no such thing as absolute cyber security. It is imperative that we apply a risk-based approach to assessing, prioritising and resourcing cyber security activities backed up by the trusted ability to validate. Protecting national values: Successful next generation communities and economies must pursue cyber security policies that enhance individual and collective security while preserving fundamental values and freedoms. Maintaining this balance is a continuing challenge for all modern economies seeking to meet the complex cyber security challenges of the future.