If national ambitions for security are to be met, best-practice high-security technology is needed to protect CNI against cyber threats….
At the London defence show Defence and Security Equipment International (DSEi) in September, the intelligence security product company BAE Systems Detica announced that if vital critical national infrastructure is to be protected at reasonable price, useability and efficiency, then real innovation is needed in the development of very high security cyber architectures for the private companies that run the lionโรรดs share of the globeโรรดs essential infrastructure services.
According to a Detica-sponsored report from Chatham House published in September and featured in the October issue of Professional Security, Government best-practice around high-end cyber warfare defences has not yet permeated some areas of the UKโรรดs critical national infrastructure (CNI). Detica says that, whereas military and government have historically seen the real necessity of advanced security for their most sensitive information and operations, private sector organisations are faced with the need to balance cost and practicality of implementing an appropriate level of security for low probability, but high-risk attacks.
The report โรรบCyber Security and the UKโรรดs Critical National Infrastructureโรรน stresses the importance of cyber space to national security and notes that CNI enterprises should seek to take on greater responsibility and instil greater awareness about the nature of cyber risks across their organisation.
Henry Harrison, Technical Director of BAE Systems Detica said: โรรบItโรรดs vital that we protect our critical national infrastructure from attack, but one of the reportโรรดs principle conclusions is that there appears to be a less than coherent picture within CNI organisations of either the risk or potential impact of cyber attack. This is a particular challenge for low probability but potentially very high impact attacks that could affect the operation of our critical national infrastructure. The reality is that the private sector organisations which largely run CNI form the front line for this Tier 1 national security threat.
โรรบHistorically there has been very limited adoption within the private sector of the very high-end security approaches used to protect the worldโรรดs most sensitive information and systems. If our national security ambitions are to be realised, there is a pressing need to improve the useability and efficiency of these solutions in order to enable more widespread deployment.โรรน
Detica at DSEi was demonstrating its cyber security capabilities, including its Secure Network Gateway, part of tools to minimise the exposure of mission-critical networks to external attack. The Secure Network Gateway enables the injection of new levels of flexibility into highly secure networks, for example allowing the controlled and selected release of classified information.
Henry Harrison, Technical Director of BAE Systems Detica added: โรรบThe most sensitive systems of our critical infrastructure need to be robustly separated from more general-purpose interconnected networks. Where thatโรรดs not the case today, CNI organisations need to introduce that separation while minimising the economic impact to business efficiency.
โรรบThere is a growing portfolio of tools that ensure organisations donโรรดt have to trade usability for security, ensuring that critical systems can be separated and the risk of attack minimised with comparatively low impact on day-to-day business operations.
โรรบWhat is needed to achieve that is a business-led approach to the analysis and design of effective risk management frameworks, combined with technology innovation that allows networks to be protected from cyber criminals.โรรน
