Feeds

Cyberwar report: Israel, Finland best prepared for conflict

Do GCHQ and the NSA have some catching up to do?

Remote control for virtualized desktops

Analysis Israel, Finland and Sweden are more prepared than larger nations to fight a conflict in cyberspace, according to a McAfee-backed cyber-defence study.

The cyber-security report (click to enlarge)

The study, Cyber-security: The Vexed Question of Global Rules, is based on interviews with experts in the nascent field by by McAfee and Security & Defence Agenda, a defence think-tank. No metrics are involved in the study, which even McAfee admits is largely subjective. Brussels-based SDA based its conclusions on "in-depth interviews with some 80 world-leading policy-makers and cyber-security experts" in government, business and academia in 27 countries as well as an anonymous survey of 250 world leaders in 35 countries.

For the record, among the key findings of the report are the contention that the state of cyber-readiness of the US, Australia, UK, China and Germany all rank behind that of smaller countries such as Israel, Sweden and Finland. The methodology used for rating various countries’ state of cyber-readiness was developed by Robert Lentz, former US Deputy Assistant Secretary of Defense for Cyber, Identity and Information Assurance.

Hmmm.

Without knowing the capabilities of GCHQ and the NSA, and the cyber-warfare pundits quizzed by McAfee would be honour-bound not to disclose this if they did know, it is hard to even begin to understand where this conclusion comes from. Certainly the UK government's very public commitment to boost cyber-security – with an additional budget of £650m over the next four years on improved electronic defences, mostly earmarked for GCHQ and the intelligence agencies – would suggest it's no laggard when it come to repelling hacker attacks.

The UK and US, rated with four castles, are only just behind the top-ranked nations, which earn four-and-a-half castles. China and Russia get three castles, ahead of India (on two-and-a-half), and Mexico (two castles – the lowest rating of the 23 countries accessed).

Frankly the whole thing is like rating footballers after a match, which sports journalists routinely assign in a great hurry on the way to the boozer - only to find their musings are taken quite seriously by the players.

In other findings, the report found that most (57 per cent) global experts believe that an arms race is taking place in cyber-space. More than a third (36 per cent) reckon cyber-security is more important than missile defence. Nearly one half of them (43 per cent) identified damage or disruption to critical infrastructure as the greatest single threat posed by cyber-attacks. A similar percentage (45 per cent) of respondents said that "cyber-security is as important as border security" (try telling that one to border agents trying to keep Mexican drug traffickers from further encroaching into the US).

Cloud cast shadows over cyber-security picture

Experts quizzed by SDA agreed that greater use of cloud-based technologies and smartphones are complicating the already muddled cyber-security picture. The study highlights a looming skills shortage in cyber-security and a lack of private-sector involvement in cyber-security exercises as potential problems. Striking the difficult balance between maintaining security and protecting individuals' freedoms is also seen as a puzzler best achieved by "selectively reducing anonymity without sacrificing privacy rights".

The report goes on to list a series of recommendations including greater global information sharing; financial incentives for improvements in security for both private and public sectors; more powers to law enforcement in order to combat cross-border cybercrime; the formulation of best practice-led international security standards; and diplomatic efforts to resolve mediocre take-up of existing global cyber treaties. Some respondents advocated the establishment of cyber-confidence building measures as alternatives to global treaties.

Finally the report recommended the development of improved public awareness of cyber-security campaigns. Schemes such as Get Safe Online, in the UK, have enjoyed a greater push from security, financial sector firms and government over recent years so it's hard to see what more can be done in the area of eduction anytime soon.

The report's authors point to the need for improved real-time sharing of global intelligence as the single most important recommendation of the report.

"The core problem is that the cyber criminal has greater agility, given large funding streams and no legal boundaries to sharing information, and can thus choreograph well-orchestrated attacks into systems," said Phyllis Schneck, Vice President and CTO of global public sector at McAfee, in a statement. "Until we can pool our data and equip our people and machines with intelligence, we are playing chess with only half the pieces." ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
You really need to do some tech support for Aunty Agnes
Free anti-virus software, expires, stops updating and p0wns the world
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
You stupid BRICK! PCs running Avast AV can't handle Windows fixes
Fix issued, fingers pointed, forums in flames
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Driving business with continuous operational intelligence
Introducing an innovative approach offered by ExtraHop for producing continuous operational intelligence.
10 threats to successful enterprise endpoint backup
10 threats to a successful backup including issues with BYOD, slow backups and ineffective security.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?