The great non-divide between cyber security and geopolitics
The combination of the information shift to cloud computing and the energy move to the smart grid is creating a massive headache for governments when it comes to cyber attacks – something that can potentially be as debilitating as a physical attack.
"There is even talk of typewriters resurfacing as organisations distrust the digital keepsake of their most important documents," says Bryan Hamman, territory manager for Sub-Saharan Africa at Arbor Networks, the security division of NETSCOUT. "The battle has shifted and businesses now need to worry about highly motivated human adversaries – plus, the stereotypical warrior has changed drastically."
The fourth edition of the Global Energy Architecture Performance Index Report, released in 2016, ranks 126 countries on their ability to deliver secure, affordable and sustainable energy. A finding in the report is that "accelerating changes in technology, energy markets and geopolitics are creating new opportunities and also threats to energy security." South Africa is ranked 76th and the report states that the country has improved its energy system performance compared to the 2009 benchmark across all three core dimensions – affordability, environmental sustainability, security and access – following energy reforms that have notably improved energy access and expanded renewable energy.
Geopolitics, in which national security and strategy are often rooted, is just as relevant as ever in the face of threats related to cybersecurity, notes Andre Ishii in "Geopolitics, the State, and Cybersecurity in a Globalized World" published on Geopoliticalmonitor.com, an international intelligence publication and consultancy.
What are the 'things' in the Internet of things?
He says, "Each and every Internet user has a part in protecting against cyber-security breaches while engaging in day-to-day activities. But as the importance of geopolitics remains, so too will the importance of the state. And no matter how imperfect that state response may be, it will continue to be part of the cyber-security architecture meant to mitigate political risks rising out of the Internet. What is needed is a collaboration of experts and an open environment for the exchange of tactics and ideas. Only then can we truly meet the challenges that will continue to emerge from cyberspace."
Confidentiality, integrity, and availability are the three pillars most commonly spoken of in the information security world and a viable security posture must take care to protect all three. "It's a delicate balancing act to find equilibrium without stifling the flow or compromising the integrity of information," adds Theresa Abbamondi, senior product manager at Services at Arbor Networks. "Never is this more apparent – or the stakes so high – as in today's geopolitical world."
She continues: "Sometimes the costs are clear and definable – the loss of revenue from a movie not released – often, the impact is more theoretical. It's precisely when the costs have fuzzy lines that we should be most alarmed. Phrases like ‘history changing' seem to miss the point of both words, but it's difficult to properly characterise the influence a nation-state cyber attack can have in any other way.
"Certainly, political espionage is nothing new, as a catalogue of Hollywood films tells us. But in today's connected world, it's never been easier to steal state secrets from the comfort of a bureaucrat's cubical half a world away. And guarding that connected world is a job that demands excellence and commitment."
Abbamondi points out that there is an increase of distributed denial of service (DDOS) attacks throughout the advanced threat kill chain. DDOS attacks target the availability of information and attackers use it as a tool for both reconnaissance and obfuscation during malicious advanced threat attacks, making protection against DDOS attacks a necessary component of any effective security posture.
"Arbor Networks has a long history of securing the world's largest enterprise, service provider networks and significant events – from the Olympics to elections. Arbor's solutions have been there to help ensure network availability in all regions – while the whole world is watching. From pre-event health checks, to our unparalleled ATLAS intelligence and visibility into the threat landscape, to a best in the industry hybrid approach to application and volumetric DDOS attacks, Arbor stands as guardian of a connected Africa and a connected world," adds Hamman.