Saturday, May 08, 2010


Recent reports in mainstream western media have indicated that Europe and the USA are bracing themselves for a surge of cyber-war attacks originating from China.

Information security has now become a national security concern. Understanding how a complex national IT system can be protected and defended is crucial because some of these lessons can be applied at both the individual and corporate level. There are, however, three fundamentals that should be grasped first.

The first fundamental is the fact that a complex IT, or cyber system, is any network with more than two interconnected computers which are accessible to any number of human users. Most of these networks (in schools or companies) are invariably connected to other computers in Kenya and the world. This means that your information security headache becomes a cyber security migraine once your computers are connected to the internet.

The second fundamental that must be comprehended is that no system can be made invulnerable to attack. Total security can never be guaranteed in either the physical or the digital context. This is because the attack space is infinitely larger than the possible defense space. Sophisticated firewalls, biometric access features and standard operating procedures can be implemented and religiously maintained, yet these measures can be shattered by a social engineering phone call targeting users who carelessly release sensitive information (e.g. passwords). Nobody can wholly defend the digital space they occupy.

This brings us to the third, and last, fundamental. A complex IT/cyber system can only be defended by a dynamically stable and robust defense. This means that your overall defense strategy must be based on agility and flexibility. A good example of dynamic defending is applying profiling and matching as part of your security posture.

Profiling is observing and recording the behavior/modus operandi of an attacker with the aim of identifying and rectifying vulnerable system points. Computer matching involves the computerized comparison of two or more automated systems of records or files. An example of matching is where the national ID number of a person is used to search various databases for information and data elements linked to this unique ID number.
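The matching described above, sketched as an added example that is not part of the original post: three record systems are linked on a national ID number, and the result is used both to list the data elements tied to one ID and to flag records where the systems disagree. The system names, field names and all records are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample record systems; system and field names are assumptions.
SYSTEMS = {
    "tax": [
        {"national_id": "12345678", "name": "J. Doe", "town": "Nairobi"},
        {"national_id": "87654321", "name": "M. Roe", "town": "Kisumu"},
    ],
    "telecom": [
        {"national_id": "1234-5678", "name": "J. Doe", "phone": "0700-000001"},
        {"national_id": "87654321", "name": "M. Roe", "phone": "0700-000002"},
    ],
    "bank": [
        {"national_id": "1234 5678", "name": "J. Doe", "town": "Mombasa"},
    ],
}

def normalize_id(raw):
    """Drop spaces and punctuation so one ID written differently still matches."""
    return "".join(ch for ch in str(raw) if ch.isalnum()).upper()

def match_records(systems, key="national_id"):
    """Link data elements by ID: {id: {field: {value: [systems holding it]}}}."""
    linked = defaultdict(lambda: defaultdict(lambda: defaultdict(list)))
    for system, rows in systems.items():
        for row in rows:
            rid = normalize_id(row[key])
            for field, value in row.items():
                if field != key:
                    linked[rid][field][value].append(system)
    return linked

def lookup(linked, raw_id):
    """Every data element linked to one ID, with the systems it came from."""
    fields = linked.get(normalize_id(raw_id), {})
    return {f: dict(values) for f, values in fields.items()}

def conflicts(linked):
    """IDs for which two systems hold different values for the same field."""
    found = {}
    for rid, fields in linked.items():
        bad = {f: dict(v) for f, v in fields.items() if len(v) > 1}
        if bad:
            found[rid] = bad
    return found

if __name__ == "__main__":
    linked = match_records(SYSTEMS)
    print(lookup(linked, "1234 5678"))
    print(conflicts(linked))
```

A disagreement between systems, such as the two towns recorded for one ID here, is the kind of inconsistency a defender would review.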

The application of a dynamic security framework will, of course, include more technological security measures, but the outlined three are the most critical. Securing an IT system is not an event. It is a continuous process that requires fleet-footed defense frameworks.
