by Tim Greenhalgh
Each week, the number of cyber-attacks on businesses and government grows exponentially. This is no longer a matter of individuals or groups seeking status in their hacker communities to gain notoriety. Organised and sophisticated gangs of criminals have brought in the brightest minds to wage war on business and government - their targets are financial institutions, corporations and state organisations. They are stealing money, but far more important are also appropriating ideas, blueprints, plans and strategies (IP) – essentially, the future of business and nations.
Cyber espionage is a growing threat. According to William Hague, UK Foreign Secretary, there is an “alarming” rise in the levels of attacks by states on states, criminals on states, terrorists on states and organisations, and criminals on business and individuals. “There is a rapidly multiplying set of challenges in cyberspace on government and institutions,” he says. Hague believes that industry in Britain is under attack because it has intellectual property worth billions of pounds.
“This is so important in the national and economic sense. These are very valuable things. And they are not sitting in a vault, so we need to take precautions to safeguard them.” Hague underlines that the UK is at the forefront of the battle in cyberspace and that, at the national level, GCHQ is extremely effective.
Cybercrime has been estimated to cost the global economy $1 trillion a year - almost 1.75 percent of global GDP, according to Misha Glenny, author and cybercrime expert. The solution that governments and other forward-thinking organisations are rapidly moving toward to end the cyber-security crisis is based on Trusted Computing frameworks, which every business and organisation should know about – and implement quickly.
Earlier this year the CESG, the UK’s Communications Electronics Security Group and the Government’s technical authority on Information Assurance, issued recommendations for the use of device-based security within government agencies. Both the US Government and the National Security Agency have also made Trusted Computing technology central to their security protocols.
Joseph Souren Vice President at Wave Systems (www.wave.com) is passionate about the need for organisations to embrace the Trusted Computing standard.
He says: “Security in today’s IT infrastructure focuses on building layers of software defence and these systems have been exposed to high-profile breaches. We believe that organisations should seriously consider adding device identity as an independently managed layer to help protect their data. This device-based security solution offers unmatched protection and will play an integral role as organisations move to Cloud computing.
“It’s a framework championed by major organisations, enterprises and governments across the globe but there is still a lack of awareness about device-based security, even though around half a billion of current business-grade PCs and laptops come equipped with the technology to put these systems into practice.
“To protect against today’s advanced threats, it is critical to have a strong foundation of trust in all endpoint devices. That starts by knowing that the PC has not been changed by a third party—and is free of malware in the BIOS—and extends to verifying the identity of the device.
“The Trusted Platform Module, a security chip attached to a computer’s motherboard, can establish automatic and transparent authentication of known network devices and users. Because the TPM chip is physically part of the device, it is uniquely suited for creating and verifying strong device identities and ensuring only authorised access to networks.”
The beauty of Trusted Computing is that it delivers a “triple whammy”: it reduces costs over a lifetime of devices and networks; it provides proven, trusted and best-in-class security; and it ensures a perfect fit between the needs of device users and organisations’ imperatives.
Mr Souren is hosting a government-level event on October 20th in London, the Trusted Computing Seminar where top-level state officials will debate the future of network security with leading professionals in the cyber-defence field and companies such as PricewaterhouseCoopers, which has embraced the Trusted Computing solution globally. The seminar is open to IT management, IT security managers and Risk Managers.
The focus on cyber-crime and network security in the UK at the highest level continues with the Cyber Security Summit in November in London, organised by GovNet where William Hague and other government leaders will debate issues with counterparts from the US and leading security organisations.