Forrester urges IT teams to protect against nation-state threats


According to Forrester Research, the rising global tide of cyber threats emanating from nation states should be a wake-up call for private sector security leaders across all industries to prepare for more frequent and sophisticated attacks in the future. he is coming.

To help businesses prepare for the changing landscape of nation-state attacks, Forrester on March 2 unveiled a new model for protecting against and preparing for the expected regulatory onslaught.

Ellie Mellen, senior analyst at Forrester and lead author of the report, noted that 40% of cyber operations reported nationally targeted the private sector. State-sponsored attacks increased by almost 100% between 2019 and 2022, and their nature has changed – with more attempts to destroy data, deny service and steal money than in previous years.

The Forrester model is built in three stages.

First, understand how nation states attack organizations. A good starting point is the national-state escalation scale available in the template.

“It’s the right way,” said Erich Krohn, security awareness advocate for KnowBe4, a security awareness training provider in Clearwater, Florida.

“Ultimately, does it matter which actor is responsible for an attack that steals money or sensitive information for the victim? He asked.

“Focusing on how these attacks are carried out is more important than worrying about the source for many organizations, especially as cybercrime groups continue to mature,” Krohn told TechNewsWorld.

“It’s important to know that you might be a target, but planning should be part of your threat models,” he added.

Risk modeling

Second, create threat models based on threats specific to the organization and the nation state.

“Threat models for geopolitical actors are living clues about who, what, where, when, why, and how nation-state attackers targeted your organization,” the report said. “They help predict future attacker activity, close visibility and detection gaps, plan for future market movements, and provide clear guidance for executive discussions.”

“Threat modeling is critical when dealing with nation-state actors,” said Alexis Dorais-Jonkas, senior director of threat research at Proofpoint, a security firm in Washington. A Sunnyvale, California company.

“An organization that wants to strengthen its defenses must determine which of the hundreds of state-funded entities to target. It should then prioritize measures against those threats,” Dorais-Jonkas told TechNewsWorld.

The third step is to get involved to influence the cybersecurity conversation. To do this, security managers need to know which government jurisdictions have security requirements for their companies; manage their relationship with government through such vehicles as information sharing; preparation for geopolitical events in advance; and influencing legislative proposals before they become regulations.

The report also recommends teaming up with other industry players to gain leverage in the legislative process and inform council members of threats from nation states before they arrive. ask questions about the situation.

A strong foundation is needed

“I think Forrester’s approach is going in the right direction,” noted James Lively, endpoint security research specialist at Tanium, a Kirkland, Washington-based endpoint management provider.

However, he added that for the model to be effective, it must already be built on a solid foundation. “If your company is having trouble maintaining a compliance or patch efficiency program, many models are already ineffective,” Lively told TechNewsWorld.

Morgan Demboski, a cyber threat intelligence analyst at IronNet, a McLean-based network security firm, called Forrester’s model a “smart approach” to addressing the state-by-state problem.

“Having a strategic and informed approach is critical when defending against nation-state attacks,” Demboski told TechNewsWorld.

“Cyber ​​activism and the strategic goals of nation-state threat actors continue to highlight the interconnectedness of geopolitical landscapes and cyber threats, highlighting the importance of monitoring government actions and international relations to assess their potential implications in the cyber domain. “, he continued.

“Organization-specific preparation is important because the threats faced by different businesses are multifaceted and vary by industry and region,” he added.

Attacks do not cancel

Robert Hughes, chief information security officer at Bedford-based cybersecurity firm RSA, noted that Forrester’s model appears to be very conservative advice.

“It’s about knowing what kind of risk your business is exposed to,” Hughes told TechNewsWorld. “While on some level it’s trying to protect your home from a missile attack, there’s a solid foundation to start thinking about as a business and the questions and talking points you need to know. Consider your risks and begin to address them using a multi-pronged strategy.

“Attacks on nation-states will not stop,” he continued. “They are increasing in size and capacity, and we should expect to see more, not less, over the next couple of years.”

While Forrester’s approach is sound, it’s nothing new, says Mike Parkin, senior technical engineer at Vulcan Cyber, a Tel Aviv, Israel-based SaaS provider of enterprise cyber threat mitigation.

“These are the same ideas that the cybersecurity community and business in general have been promoting for years with increased awareness of state-level threat actors,” Parkin told TechNewsWorld.

“It reinforces ideas, which is a good thing,” he added.

Unnecessary worry

While organizations agree that they need to protect themselves against all attacks and know how and to whom to report attacks, the scope of nation-state threats can be overwhelming, noted Todd Carroll, CybelAngel’s senior vice president of cyber operations, threat intelligence. A firm in Paris.

“You go around in circles trying to think of every nation state and every organized team and method of attack,” Carroll told TechNewsWorld. “In China alone, there are dozens of state-sponsored teams attacking vertical markets in different ways and for different reasons.”

“You don’t have time to figure out ‘why,’ but you need to focus your limited resources on protecting access, learning about the attack surface, and tracking your critical data,” he said. – he declares.

Claude Mandy, chief data security evangelist at San Francisco-based Symmetry Systems, a provider of hybrid cloud data security solutions, was skeptical of Forrester’s model.

“In an industry trying to manage unsophisticated and simplistic attacks, a nation-state threat model can be seen as an unnecessary distraction for organizations that would benefit most from mastering the basics. Mandy told TechNewsWorld.

“Instead of investing in cybersecurity controls to deter a sophisticated attacker like a nation state, we encourage organizations to prioritize cybersecurity over what matters most to them—their data—instead of guessing what the threats are. attackers do,” he said.

All news on the site does not represent the views of the site, but we automatically submit this news and translate it using software technology on the site, rather than a human editor.

Leave A Reply