80% of Cyber Attacks are Preventable

“If network administrators simply instituted proper configuration policies and conducted good network monitoring, about 80 percent of commonly known cyber attacks could be prevented.”

These courageous words were uttered by Richard Schaeffer, information assurance director at the NSA. He also added that simply focusing on adhering to common best practices would substantially raise the bar.

Wired reports that the Senate Judiciary Subcommittee on Terrorism, Technology and Homeland Security recently heard from a number of experts offering commentary on how the government should best tackle securing government and private-sector critical infrastructure networks.

Larry Clinton, president of the Internet Security Alliance, declared that public indifference and unawareness played as much a role in the current state of cyber security as the unwillingness of corporate entities to take responsibility for securing the public’s data.

Clinton, whose group represent banks, telecoms, defense, technology companies and other industries that rely on the internet, said that corporate and government entities that collect and store the public data “do not understand themselves to be responsible for the defense of the data.“ He added that, “The marketing department has data, the finance department has data, etc, but they think the security of the data is the responsibility of the IT guys at the end of the hall.”

Clinton does not believe federally mandated cyber security standards are the answer as they can be seriously counterproductive to national economic and security interests. To improve cyber security, the public sector would have to institute sufficient market incentives to motivate companies to protect the public’s interests. His group plans to release a proposal next month laying out some recommendations.

What do we think?

Although Schaeffer and Clinton are discussing cyber attacks and security on a national level they make it painstakingly obvious that solving the problem requires joint efforts from the government, the public, network administrators and ALL OTHER members of an organization.

At WebSpy we continuously preach that Internet and Network monitoring should not just be the network administrators’ responsibility. In fact, Vantage Ultimate was developed exclusively to increase the effectiveness of IT policy adherence while taking the pressure off the IT department. Vantage Ultimate enables secure distribution of organizational Internet and network reports across an entire organization, whilst protecting employee privacy. Why does this matter? Because distributing the responsibility for IT security starts by efficiently distributing IT security information.

Find out more about Vantage Ultimate

Related Links:
Wired Article
NSA
Internet Security Alliance

See also:

About the Author:

Leave A Comment