According to Forrester Research, the global rising tide of cyber threats from nation-states should be a red flag for private sector security leaders across all industries to prepare for more frequent and brazen attacks in the future.
To help companies prepare for the changing nation-state attack landscape, Forrester unveiled a new model on March 2 that will defend itself and prepare for an expected attack to comply with regulations.
Ellie Mellon, Forrester senior analyst and lead author of the report, pointed out that 40% of cyber operations reported by country target the private sector. State-sponsored attacks have increased by nearly 100% between 2019 and 2022, and their nature has changed – with more being carried out for data destruction, denial of service and financial theft than in previous years.
The Forester model is built on three stages.
First, understand how nation-states attack organizations. A good starting point is the nation-state escalation ladder available in the model.
“It’s a wise approach,” said Erich Krone, security awareness advocate at KnowBe4, a security awareness training provider in Clearwater, Fla.
“Ultimately, for the victim, does it really matter which actor is responsible for the attack that steals money or sensitive information?” He asked.
Crone told TechNewsWorld, “Focusing on how these attacks are being carried out, especially as cybercrime groups mature, is more important for most organizations than worrying about the source. “
“Being aware that you may be a target is important, however, and planning should be a part of the threat model,” he added.
Second, build threat models based on organization-specific nation-state threats.
“Threat models for geopolitical actors are the living context of who, what, where, when, why and how nation-state attackers target your organization,” the report said. “They help predict future attacker activity, close visibility and detection intervals, plan for future market moves, and provide a solid context for executive discussions.”
“Proper threat modeling is absolutely critical when talking about nation-state actors,” said Alexis Dorais-Jonkas, senior manager of threat research at Proofpoint, an enterprise security company in Sunnyvale, California.
“An organization that wants to enhance its defense must determine that hundreds of state-sponsored actors are targeting them. Then it must prioritize measures to counter those threats,” Dorais-Jonkas told TechNewsWorld.
The third step is to get involved in influencing the narrative around cyber security. To do this, security leaders need to know what the security requirements of the government jurisdiction for their business are; managing its relationship with the government through means such as information sharing; be prepared for geopolitical events ahead of time; and influence legislative proposals before they become rules.
Report joining forces with others in the industry to gain some power in the legislative process and inform board members of what is being done about threats to the nation-state before asking about the situation Also recommend doing.
need a strong foundation
“I think the Forrester approach is headed in a good direction,” said James Lively, an endpoint security research specialist at Tanium, an endpoint management provider in Kirkland, Wash.
However, he added that for the model to be effective, it must be built on top of an already strong foundation. “If your company is facing challenges maintaining compliance or patch efficacy schedules, most models are already ineffective,” Lively told TechNewsWorld.
Morgan Dembowski, a cyber threat intelligence analyst with IronNet, a network security company in McLean, Va., called Forrester’s model a “smart approach” to tackling the nation-state problem.
“It’s important to take a strategic and informed approach when defending against country-state attacks,” Demboski told TechNewsWorld.
He further added, “Cyber activity and strategic objectives of nation-state threat actors continue to demonstrate the interconnection between the geopolitical and cyber threat landscape, requiring governmental actions and policies to assess their potential impacts in the cyber domain.” highlights the importance of tracking international relations.”
“It is important to prepare for organization-specific activity because the threats faced by different businesses are multidimensional and differ between sectors and regions,” he added.
the attacks don’t go away
Robert Hughes, chief information security officer at RSA, a cybersecurity company in Bedford, Mass., said the Forrester model appears to be very prudent advice.
“It comes down to knowing the risk level of your business,” Hughes told TechNewsWorld. “While on some level this is like trying to protect your home from a missile attack, a solid framework to start thinking through is the questions and discussion points you need to consider as a business to consider your risks. should be aware of and begin to address them using a multi-pronged strategy.”
“The nation-state attacks are not stopping,” he continued. “They are increasing in volume and capacity, and we should expect to see more of this over the next few years.”
While Forrester’s approach is good, it’s nothing new, said Mike Parkin, a senior technical engineer at Vulkan Cyber, a provider of SaaS for enterprise cyber risk remediation in Tel Aviv, Israel.
“It’s a very similar idea the cybersecurity community and businesses, in general, have been pursuing over the years, with added awareness of state-level threat actors,” Parkin told TechNewsWorld.
“It reinforces those ideas, though, and that’s a good thing,” he said.
While agreeing that organizations need to protect themselves from all attacks and aware of how and to whom reports of attacks should be submitted, the scope of threats to the nation-state can be enormous, said Todd Carroll, senior vice president of cyber operations at SiebelAngel, a threat intelligence company in Paris.
“You’ll be going around in circles trying to think of every nation-state and organized team and method of attack,” Carroll told TechNewsWorld. “China alone has dozens of state-sponsored teams attacking verticals in various ways and for various reasons.”
“You don’t have time to figure out ‘why,’ but you need to spend your limited resources on protecting access, knowing your attack surface, and tracking your critical data,” he said.
Claude Mandy, chief evangelist for data security at Symmetry Systems in San Francisco, a provider of hybrid cloud data security solutions, however, was skeptical of the Forrester model.
Mandy told TechNewsWorld, “In an industry struggling to deal with less sophisticated attackers and basic attacks, a nation-state-specific threat model can be perceived as an unnecessary distraction for organizations most vulnerable to threats.” Would benefit from getting the basics down first.”
“Rather than investing in cyber security controls to attempt to thwart a sophisticated attacker like a nation-state, we prefer to encourage organizations to prioritize their cyber security on what matters most to them – their data – rather than starting with the threats and trying to guess the attackers,” he said.