Security Threats – Protecting Enterprise Infrastructure
In the first half of the 2013 fiscal year, the US Department of Homeland Security responded to more than 200 incidents. 53 percent of the incidents were in the energy and utility sector, many of them sponsored by states such as China.
As attacks become more sophisticated and digital control systems increase in complexity and levels of automation, it is increasingly difficult to prevent threats from impacting the operation of critical infrastructure.
Security balancing act
The costs of implementing a stricter policy need to be weighed against the potential costs that could result from the failure of a weaker policy. These costs include purchasing a security solution, implementing this security solution, and finally managing and maintaining the solution. Initial costs often include the physical infrastructure necessary to deploy the solution, such as servers, kiosks and networks, as well as the consulting services that are often required to implement the solution correctly.
Defining acceptable media and content
Defining a portable media and content strategy is key to a secure data workflow policy. When developing a secure data workflow policy, organizations should first define what types of portable media are acceptable and how they can be used.
Designing secure data workflows
The best security policies have multiple layers of protection, to guard against many types of threats, both known and unknown. This defense-in-depth strategy will minimize the risk of any one threat getting past all of the security layers.
A secure data workflow should leverage threat protection methods including:
- User authentication and source verification: Prevent unauthorized users or sources from bringing in data and facilitate logging for future auditing;
- File type analysis and filtering: Prevent risky file types from entering the facility, including files that have spoofed extensions;
- Multiple anti-malware engine scanning: Detect threats that are known by any of the many commercial anti-malware engines, and leverage many varying heuristic algorithms to detect zero-day attacks;
- Document sanitation: Further protect against unknown threats by using sanitation methods to strip potential threats out of documents and images.
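
A minimal sketch of the file type analysis layer from the list above, added here as an illustration and not taken from the article or from any product: it compares a file's leading bytes with the type its extension claims, which is how a spoofed extension is caught. The allowlist, the blocked signatures, the function names and the sample files are all assumptions constructed for the example.

```python
import os

# Assumed policy (constructed): accepted extensions mapped to the magic bytes
# that a genuine file of that type starts with.
ALLOWED = {
    ".pdf": [b"%PDF-"],
    ".png": [b"\x89PNG\r\n\x1a\n"],
    ".jpg": [b"\xff\xd8\xff"],
    ".jpeg": [b"\xff\xd8\xff"],
    ".docx": [b"PK\x03\x04"],  # OOXML is a ZIP container
}

# Executable content is refused whatever the file name says.
BLOCKED_MAGIC = {
    b"MZ": "Windows PE executable",
    b"\x7fELF": "ELF executable",
    b"#!": "script with an interpreter line",
}

def classify(filename, head):
    """Return (verdict, reason) for a file name and its first bytes."""
    ext = os.path.splitext(filename.lower())[1]  # last extension only
    for magic, label in BLOCKED_MAGIC.items():
        if head.startswith(magic):
            return ("block", f"content is a {label}")
    if ext not in ALLOWED:
        return ("block", f"extension {ext or '(none)'} is not on the allowlist")
    if not any(head.startswith(m) for m in ALLOWED[ext]):
        return ("block", f"content does not match claimed type {ext}")
    # A matching signature is necessary, not sufficient: the file still goes
    # on to the anti-malware scanning and sanitation layers.
    return ("allow", f"content matches {ext}")

def check_file(path):
    """Classify a file on disk from its name and first 16 bytes."""
    with open(path, "rb") as fh:
        return classify(os.path.basename(path), fh.read(16))

# Constructed samples: (file name, leading bytes).
SAMPLES = [
    ("report.pdf", b"%PDF-1.7\n"),       # genuine PDF header
    ("manual.pdf", b"MZ\x90\x00\x03"),   # executable renamed to .pdf
    ("photo.png", b"%PDF-1.4\n"),        # type mismatch
    ("invoice.pdf.exe", b"MZ\x90\x00"),  # double extension
    ("notes.txt", b"plain text"),        # type not on the allowlist
]

if __name__ == "__main__":
    for name, head in SAMPLES:
        print(name, *classify(name, head), sep=" | ")
```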