As a society, we depend on the internet more than ever. All of the systems that enable us to function today, from electricity and transportation to banking, rely on digital infrastructure to function. It is absolutely crucial that we protect our critical infrastructure from cyber threats. Without adequate security, malicious hackers could cause traffic accidents, hijack phone calls and even interfere with the water supply. While the idea of hackers completely taking over our way of life is a frightening one, the good news is that there are very gifted people on the other side consistently developing ways to thwart these cybercriminals. What are some of the state-of-the-art ways to safeguard our critical infrastructure from these dangers? For risk managers who are in charge of protecting these systems, preparation is key. Networks must have redundancies so that if systems are crashed by hackers, isolated backups can jump into their place. Systems must be resilient enough to spot threats in real-time, alert the system manager and take immediate self-protective action. The best way we know to currently protect infrastructure is to make sure these redundancy and resiliency measures are in place and to test and revise them frequently. Hackers are constantly attempting different and more effective ways of invading these systems. Elements of a comprehensive safety plan include:
- Cloud services that are easy to use but protect data off-site. (See “Why the Optimal Cloud?”)
- Network monitoring to record who logs into the system and their location.
- Dedicated system for quickly finding and patching any detected software or operating system vulnerabilities.
- Host intrusion prevention applications.
- Anti-malware reputation services that can identify known phishing sites.
- File-integrity monitoring.
- Application whitelisting.
- Traditional network protection measures such as firewalls, encryption and anti-virus software.
- Multi-factor authentication for authorized users (See the “Buyers Guide to MFA”)
These are some great ways to protect infrastructure, but it is important for risk managers to always remain vigilant. The world of cyber security is an arms race where, as soon as the industry develops a protection against some kind of attack, the hacker community devises a way to beat it. It is only by constantly and consistently applying the best identity and access management solutions and cybersecurity measures that our infrastructure has the best chance of staying safe against malicious intrusion. Identity is on the front lines of the cybersecurity battle. Learn more at Optimal IdM.