William Hague brought the curtain down on the London Cyber Security Conference, confident that it had succeeded in accelerating the debate on some very important issues. The conclusions have been outlined in a document called the London Agenda and covered a broad of subjects including:
- the need to broaden physical ability to access the internet
- to ensure that cyberspace is secure and reliable
- that efforts to improve security are not at the expense of human rights
- that we enhance cooperation and collaboration between states
- that we act together to address the threat from cybercrime
- that we preserve the global interoperability and resilience that underpin the economic and social benefits of the internet
Hague also made a direct address to businesses and governments. Hague stated that businesses need to “work with your Governments in whichever country to safeguard intellectual property and prevent cybercrime, while continuing to pursue the innovation and ideas that created cyberspace in the first place”. Essentially, businesses need to take responsibility for the protection of their own critical assets and information security.
Even in these dour economic times it may be more cost-effective for organisations to spend time and money on creating effective cyber defences, instead of suffering the consequences of a cyber attack. Indeed almost all individuals and organisations at some point are attacked – admittedly to varying degrees. Reducing and mitigating against attacks should be the standard course of action, instead of what often happens in being re-active to a situation.
The London Conference is expected to return the issue of cyber security to many boardrooms, and organisations would do well to take a look at those who have implemented ISO 27001 – the international standard for managing an information security management system (ISMS). The ISO 27001 Standard provides organisations with internationally recognised proof that it’s ISMS – or cyber security readiness – is of an acceptable, independently audited and verified standard. As importantly, it can provide huge business benefits including increased customer confidence, better operational organisation and the ability to win new business.
William Hague ended the London conference, as I’ll end this article, with a warning about APT – Advanced Persistent Threats. APT’s are the coordinated cyber activities of professional criminals and state level entities. Targeting foreign governments and big business they are usually tasked with stealing sensitive information and compromising information systems.
Addressing the conference Hague commented ‘…state sponsored attacks are not in the interest of any country in the long term. Those Governments that perpetuate them need to bring them under control’. An interesting comment, when the governments perpetuating them, are the ones authorising them. Throughout the conference no one went as far as naming those ‘perpetuating’ ATP attacks, but it is common knowledge that China and Russia are the prime suspects.
APT attacks are a growing concern for all countries and David Cameron, earlier in the conference, stated that such attacks were taking place on an ‘industrial scale’. Indeed earlier on in the year the US Pentagon declared that such attacks could constitute ‘an act of war’ whilst Chinese military officials declared ‘cyber-warfare has become the strategic war of the information era’.
The term APT is relatively new , however it is certain that APT’s, and the fight against them, is going to be a huge issue for large corporations and governments. You can find out more information about Advanced Persistent Threats here >>>