Best practice for governments in Asia
By Derek Manky
12 Jan 2010
Today’s toughened economy and escalating threatscape calls for governments in Asia to better prepare themselves against sophisticated cyber attacks. The current economic downturn has caused a wave of cybercriminal activities attacking public and private networks. This presents a stronger case for governments to deal with threats that may compromise national security such as cyber terrorism. For instance, public networks are further exposed through the proliferation of wireless connectivity via wireless access points (WAP) where physical access is no longer required, and vulnerabilities exist.
With the twin possibilities of high population density and tremendous economic potential, Asia remains a hotbed of threatscape activity. Fortinet’s research findings have also revealed that the Asia Pacific region faces the steepest security threats compared to the rest of the world today. A heightening sense of danger combined with high technology countries in Asia pushes governments to deal with the blended threatscape, a situation where threats congregate and take users down. Like the private sector, public sector management should take heed since threats are permeable in the cyberspace. Recently, the Obama administration has drawn much attention to the state of cyber security and this should be a warning call for all governments in the world, including Asia.
For instance, the public sector can look towards deploying comprehensive security solutions to arrest the widespread and ubiquitous threats prevalent in cyberspace today. To date, the Unified Threat Management (UTM) approach has proven to be a superior high performance, relatively low cost option for government, service providers and enterprises of all sizes alike to cope with the current situation of escalating cyber threats. To combat the present day threatscape, Fortinet advocates that Asian governments should be more proactive in tackling emerging threats by adopting the six prong best practice security strategy outlined below to ensure a stronger public sector security grid.
First, governments should re-evaluate security implementations for public networks to overcome known vulnerabilities with wireless implementations. Second, the administration should also implement stricter policies for roaming devices that access public networks and put in place control measures to monitor malicious traffic and enforce passwords. Third, a security management department should be set up to thwart the latest viruses, exploits, phishing attacks and focus on where WAPs are located, along with topology and configuration. This department should work in harmony with their security vendor to achieve optimum mitigation with reduced complexity. Fourth, the security team should also pay attention to potential problems when adopting new technologies. For instance, conduct cyber security exercises to identify gaps, capabilities and the administration’s readiness to deal with such attacks. Fifth, the government should also develop operational capabilities and technical expertise to deal with the challenges associated with the IT security threatscape. Finally, Asian governments should also educate all network users and review the security topology in a transparent and effective manner – alerts and security news feeds are good resources.
The above approach will enable public governments to secure their cyber gateways, the way the most sophisticated private enterprises do today and at the same time, protect the integrity of their constituents and maintain a strong sense of credibility in the community.
Derek Manky is the Cyber Security & Threat Researcher Manager, FortiGuard Labs. Fortinet is a provider of network security appliances and Unified Threat Management or UTM.
