How to Minimize Consequences of Cyber Espionage


Cyber espionage is not a problem only the federal government deals with. Companies that rely on the Internet, both public and private, are being targeted as well.


[ad]

Cyber attackers are becoming more skilled at stealing massive amounts of data over long periods of time, and many businesses are unaware of a breach in their computer networks until the damage is done. Cyber espionage sophistication and attacks are expected to increase; therefore, U.S. companies need to begin looking at their cyber security more in depth.

Below steps can stop some intrusions or at least help to detect them more rapidly and minimize damage:
– Avoid complacency; don’t think it can’t happen to your company

– Assume your network has already been penetrated and change strategy from reactive to proactive

– Cyber security has to be dealt with strategically at senior management levels

– Get rid of the silo approach; security is a business issue as well as an IT concern

– Develop measures for centrally controlling and monitoring what devices can be attached to corporate networks and what data can be stored on them

– Separate perimeter from core; a sound perimeter defense alone is not adequate to protect against penetration

– Conduct regular penetration testing of company infrastructure and third-party shared network systems

– Use two-factor ID or long passphrases

– Layer security and segment data

– Identify and isolate the “crown jewels” and implement compartmentalized access procedures

– Assign threat focus areas. Don’t get distracted by the small, unsophisticated attacks. Filter them out and concentrate on the more serious ones

– Be more open . Disclose the breach to partners first, then the public. The SEC requires public companies to disclose security breaches

– Think twice about entering into a joint venture with a Chinese company. The potential for losing IP is significant . Stealing IP is an accepted business practice in China and there are no negative consequences

– Be judicious about hiring . Nation-states often recruit their foreign nationals who work for U.S. companies for cyber espionage purposes, appealing to their sense of patriotism
[ad#mo]