Top three ways to understand data flow for optimum cyber-security
naseba, a B2B event organiser, talks to cyber security expert Hadi El-Khoury on why offense and defence tactics must inform each other – including the lessons learned from Stuxnet and other advanced persistent threats
Ever wonder why Stuxnet was so efficient?
Why were Stuxnet’s creators able to simulate the introduction, contagion and stealth of the worm so successfully? Nothing but a deep and thorough knowledge and understanding of business and industrial processes can guarantee such success. In fact, the creators of Stuxnet probably possessed a far better understanding of these processes than the target’s own security officers and risk managers.
Delving into the details behind business processes is absolutely pivotal to enabling optimum cyber security and business continuity measures. Only when you properly understand those processes will you be able to ensure confidentiality, integrity, availability and traceability for your client.
So how can business continuity professionals better their understanding of how data flows through people, process and technology?
Here are the top three techniques every professional must first consider, according to cyber security expert Hadi El-Khoury:
- Start with a blank or a pre-drawn BPM page with all stakeholders at the table: CISO, BCM, Risk Manager, Business Lines, CTO, CIO, HR. Use some sort of visual thinking and common language; take a snapshot of the current processes and be sure to include actors, flowing data, internal and external interdependencies, supporting assets, etc.
- Go through some automatic process discovery and try to reconstitute the business workflow through structured and unstructured data management and analysis.
- Abide by a formal and structured way of communicating the logical and physical relationships and dependencies between IT assets and resources (ownership, business processes, applications, systems, hardware, and infrastructure) to define the business services of a modern enterprise or industrial site.
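The third technique, sketched as an added example (not from the original article or from any framework named on this page): a dependency map across the layers the list names, queried for what a lost asset takes down and for supporting assets shared by more than one business process. Every asset name and relationship is constructed sample data.

```python
from collections import defaultdict, deque

# Asset -> layer. Layer names follow the list above; all assets are constructed samples.
ASSETS = {
    "Plant Manager": "ownership", "Finance Lead": "ownership",
    "Batch Production": "business process", "Order Invoicing": "business process",
    "SCADA HMI": "application", "ERP": "application",
    "Historian DB": "system", "Windows Server": "system",
    "Rack Server 1": "hardware", "Plant Switch": "infrastructure",
}

# (dependent, dependency) pairs: the first item stops working, or its owner is
# affected, when the second is lost. Constructed relationships.
DEPENDS_ON = [
    ("Plant Manager", "Batch Production"), ("Finance Lead", "Order Invoicing"),
    ("Batch Production", "SCADA HMI"), ("Order Invoicing", "ERP"),
    ("SCADA HMI", "Historian DB"), ("ERP", "Windows Server"),
    ("Historian DB", "Rack Server 1"), ("Windows Server", "Rack Server 1"),
    ("Rack Server 1", "Plant Switch"),
]

def impact_of(asset, edges=DEPENDS_ON):
    """Return everything that transitively depends on `asset`, grouped by layer."""
    dependents = defaultdict(set)
    for upper, lower in edges:
        dependents[lower].add(upper)
    seen, queue = set(), deque([asset])
    while queue:                      # breadth-first walk up the dependency chain
        for parent in dependents[queue.popleft()]:
            if parent not in seen:    # the seen set also guards against cycles
                seen.add(parent)
                queue.append(parent)
    grouped = defaultdict(list)
    for name in sorted(seen):
        grouped[ASSETS[name]].append(name)
    return dict(grouped)

def shared_dependencies(edges=DEPENDS_ON):
    """Return supporting assets whose loss affects more than one business process."""
    shared = {}
    for asset, layer in ASSETS.items():
        if layer in ("ownership", "business process"):
            continue
        processes = impact_of(asset, edges).get("business process", [])
        if len(processes) > 1:
            shared[asset] = processes
    return shared

if __name__ == "__main__":
    print(impact_of("Historian DB"))
    print(shared_dependencies())
```

In this sample the rack server and the plant switch sit under both the production and the invoicing process, which is the kind of shared dependency a layered map makes visible to continuity and security teams alike.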
If you follow these three techniques you will be well on your way to securing and developing a comprehensive business continuity plan. Failure to do so may just mean you will never get a good grasp of information, whether it is processed, transported or stored in information and industrial systems.
Now that you have the know-how, it is up to you to see which of these three approaches can apply to your business. The last step is to break your political isolation and go out to the business to gather their security requirements. Remember, to survive in cyberspace, offense and defence must inform each other and silos must fall. Out-engineering attackers will only be possible if you master your business and industrial workflows.
Readers’ comments are more than welcome! Hadi can be reached at www.linkedin.com/in/helkhoury
Alternatively you can keep up to date with his latest interests in the Information Technology Professionals Network.
Cyber security expert
Big fan of SEKIMIA, KORMOX and OBASHI
Founding member of the French Chapter of ISSA
Founding member of ISVA