US President just signed new cyber security incident reporting mandates into law on Tuesday 15 March, making it a legal requirement for operators of critical national infrastructure (CNI) to disclose cyber attacks to the government, in specific to the Cybersecurity and Infrastructure Security Agency (CISA) within 72 hours, and any ransomware payments made within 24 hours. It enables CISA to subpoena organisations that fail to do so, with the threat of referral to the US Department of Justice (DoJ) for non-compliance. This symbolises how it progresses on the cyber attacks, as previously some will due to various considerations decide to no report and disclose and just silently pay the money to ransomware. As time goes by, for sure the cover sectors and industries will expand.
No organization on the planet can claim to be vulnerable-free or hacker-proof, as ongoing evolution and technology change, open windows for the vulnerability, and those who seize it, will be able to organise the cyber attack by various motives. Partially it is enterprises who ignore and overlook the importance of cybersecurity and implement various defences that are to be blamed. Another part of special interest organisations hackers plan the careful execution hacking campaign, whether in a special group or target of enterprise, or special application vulnerability that can not be patch or remain open long enough for the attack to leverage the vulnerability hole present in the windows of opportunity.
No matter how, it is enterprise responsibility to make sure to implement backup and offline archive, as well as provide all the needed training, procedure and guideline that matter too.
As world moving toward fourth industrial revolution (4IR) industry 4.0, from massive of internet of things (IoT) sensors, artificial intelligence (AI), big data to cloud computing, it beyond human can perform any cybersecurity assessment, investigation and continuous monitoring without make use of automation to help filter and process most of near real-time traffic accordingly to the policy and rule pre-set for the execution on the fly, for multi millions to billions traffic that nope of any human can cope with. While the world is moving toward massive volume of data generate per second, any enterprise attempting to do in the traditional human based response time and cycle, for sure will end in trouble, because they are still living in human time cycle, but the world has been moving to machine time cycle where capable to process billions or millions of transactions and traffic per second.
Despite most of the enterprise knowing how important for the data backup and rollback is, whether or not execute and witht the remote archive procedures or not is another. Simply migrating toward cloud-first or cloud computing will not make the enterprise avoid those risks, if they do not have the solid availability strategy and execute with the remote archive and off-site practice.
Ransomware attack is no news, but you will be surprised it keeps popping up from the daily news headlines across the globe. For those who choose to report and those who choose to silently cover up the matter due to the reputation impact. Making cyber attack reporting be mandated may help everyone what is happening, so post incident response be possible. We expect a lot of the countries will follow what the US leads in enforcing it by law.
E-SPIN Group in the enterprise ICT solution supply, consultancy, project management, training and maintenance for corporation and government agencies did business across the region and via the channel. Feel free to contact E-SPIN for your project requirement and inquiry.
Other post you may be interest: