Mitigating Nation-State ThreatsLance James of Deloitte Describes a Comprehensive Strategy
Reports that a major breach of the U.S. Office of Personnel Management may have originated in China are yet again raising concerns about nation-state threats against government agencies as well as the private sector. Earlier, the FBI attributed the hacking of Sony to "North Korea actors."
But rather than focusing narrowly on taking steps to thwart potential cyber-attacks from nation-states, organizations should focus instead on implementing a comprehensive strategy to protect their sensitive data from all threats, says security expert Lance James of Deloitte & Touche.
"I'm all about threat intelligence and understanding motives of actors," he says. "But before you even look at threat intelligence ... you've got to make sure you're protected in general. Have you put in the right risk controls ... to be protected from the problem, such as fraud or theft or insider threat? ... Can your 'locks' withstand this type of attack?"
In an interview with Information Security Media Group at the recent Fraud Summit Chicago, James:
- Sizes up whether the nation-state threat is real, and what motivations might be involved;
- Stresses the need to cover the basics, such as segmenting networks and encrypting data at rest;
- Calls on organizations to outsmart cyber-criminals. "Your enterprise has to be more advanced than the advanced persistent threat. ... They are persistent about getting in. You have to be persistent about keeping them out."
James is head of cyber-intelligence at the consultancy Deloitte & Touche. He's an internationally known information security expert with more than 15 years of experience with programming, network security, digital forensics, malware research and cyptography design. Credited with the identification of Zeus and other malware, he has authored and co-authored several technical e-crime books.