Why recovering quickly from a cyber attack should be infosec pros’ prime goal

Share post:

Because a determined threat actor will likely penetrate any organization, the prime goal of a cybersecurity plan should be getting quickly back online, a Canadian expert told a telecom industry conference this week.

“You are not invulnerable. No one is,” Robert Beggs, president of DigitalDefence, a Waterloo, Ont.,-based incident response and penetration testing firm, told the Canadian Telecom Summit in Toronto. Don’t try to defend against every possible threat, he said. Instead, IT leaders should aim at letting the IT network fail “gracefully.”

Ask if there is an attack, can it be handled, and how quickly can you recover, he said. “That will be the true measure of success and survivability.”

The summit draws hundreds of telecom operators and vendors every year.

Beggs was on a cybersecurity and privacy panel that included Ann Cavoukian, expert in residence at Toronto Metropolitan University’s Privacy By Design Centre of Excellence; Georg Serentschy, managing partner at Austria’s Serentschy Advisory Services and moderator Joe Ozario, a consultant and president of the Toronto chapter of the Resilience Information Exchange (formerly the Disaster Recovery Information Exchange).

Serentschy talked about cybersecurity as seen by telecom regulators around the world, painting what he admitted is a “pretty scary” picture. Regulators are worried about threats from climate change to critical infrastructure, physical acts of sabotage (for example, those on the Russian-German NordStream oil pipeline) and fiber optic networks, and the alleged vulnerabilities of telecom network hardware from “non-like minded countries.” Without naming such countries, he said this last “is considered by many leading security experts as the real smoking gun.”

Another problem, he added, is that European regulators have been so focused recently on making wireless services affordable that network operators haven’t been investing in making their systems resilient. In fact, he said, regulators in Iceland see a lack of redundancy as a market failure that requires regulatory intervention. More of that may be needed in other countries, he suggested. To go along with that, there is a need for metrics to measure network resilience, he said.

Some network resilience may come from the use of near-earth satellite constellations, he also said, noting that Ukraine has shown the worthiness of that during its war with Russia.

Serentschy urged telecom regulators to do more to educate the public on cyber risks.

Cavoukian admitted that while it’s becoming “exceedingly more difficult to secure our data and keep privacy embedded into all our operations, we can’t give up.”

“It’s all about being proactive and embedding much-needed privacy into the design of your operations, so ideally you can prevent the privacy harms from arising.”

There is a range of weapons organizations can use, including end-to-end data encryption and creating “synthetic data” that strips personally identifiable data from digital information.

“You never give up on privacy and security,” she maintained, because these are the foundation of freedom.

She complained that governments have been “negligent” in not updating privacy and security legislation to up with the techniques of hackers.

Cavoukian also said it’s “appalling” that police continue to seek routine access to telecom networks’ encrypted data, saying if they need access, police should get a judicial warrant.

Most organizations are very poor at protecting against cyber threats, Beggs said. For example, many only test their website security once a year. Another example: Leaving a VOIP phone in reception for a visitor to use. When no one is around, a hacker can unplug the Ethernet connection, plug in their own device and have instant access to the corporate IT network.

The post Why recovering quickly from a cyber attack should be infosec pros’ prime goal first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

Canadian police need a search warrant to get your IP address: Supreme Court

An IP address is the key to unlocking a user's internet identity the court's majority

Cyber Security Today, Week in Review for week ending Friday, March 1, 2024

This episode features a discussion on how hard it is to kill a ransomware gang, Canada's proposed new online harms bill, why organizations still allow staff to use vulnerable software

Healthcare sector “stretched thin” in fight against cyber attacks warns CSO of Health-ISAC

In an interview Errol Weiss talks about the challenges facing hospitals a

Cyber Security Today, March 1, 2024 – Warnings to GitHub users and Ivanti gateway administrators, and more

This episode reports on a recommendation that enterprises drop Ivanti Policy Secure and Connect Secure devices because threat actors can get around mitigations for recent vulne

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways