F-Secure experts comment on Govt Cyber Security
January 2022 by F-Secure
Following the Government’s new Cyber Security Strategy plans, F-Secure spokespeople share the following comments:
Calvin Gan, Senior Manager, Tactical Defence, F-Secure: “Ever since the pandemic, we started seeing more attacks targeting the public sector, especially on the health and education sector because data they hold are perceived to be of high value. These attacks revealed to us the weakness in security implementation while the impact of the attacks has been devasting for some institutions (leak of public health data, high ransom payment, or systems used for scam activities). Since the increase in attacks, it has become apparent that the public sector systems would need further security strengthening while staffs’ cyber security awareness has to be elevated further.
With the call for better security practices, controls, and management in these institutions, the new strategy is a welcomed move especially when dedicated budgets are being allocated to improve the cyber security posture. It is with the hope that lack of resources would no longer be the main blocker for better security improvements. Perhaps a first is to relook at the entire estate of public sector systems and identify the current risks that are posed to them. Start identifying the technological debt that has been built up over the years and manage the risks associated with these debts. It is no easy feat to do this especially when these systems are heavily depended upon by the public, but it is never too late to start improving the security posture of these sectors, especially when everything is now more connected as a result of the pandemic restrictions.”
Paul Brucciani, Cyber Security Consultant, F-Secure: “As the world migrates to the cloud, our lives are becoming increasingly fragile. The internet operates through 426 submarine cables in service around the world. In normal circumstances this is sufficient, but sometimes internet services can be seriously degraded by a breakage. In 2008, severed cables caused internet disruption for 70 percent of the nationwide network in Egypt and India had 60 percent of its networks disrupted. It is an open secret that Cold War protagonists developed the capability to create the mother of all denial of service attacks by cutting up the internet.
Being resilient means being able to function without the internet – at least for a time. The UK Government’s proposal to create a digital Home Guard to protect vital services makes sense.”