CYBER DEFENSE GUIDE
GUIDELINES FOR THE DESIGN, PLANNING, IMPLEMENTATION AND DEVELOPMENT OF A MILITARY CYBER DEFENSE
In some cases, belonging to the same political, economic or defense alliance is not enough to rule out the source as a potential cyber threat, since, if the interest is big enough, they could try anonymous cyberattacks (taking extreme care to avoid actions that may be tracked) or conduct false flag cyberattacks.
435.
Cyber threats to national and military interests are increasingly common, sophisticated and damaging. For this reason, cyber defense must be incorporated into military planning at all levels of command, and cyber threats and cyber risks must be taken into account throughout the entire cycle of joint operations planning.
436.
There are basically two types of cyber threat sources: internal and external.
437.
Internal cyber threat sources are the individuals or entities that belong to the organization of the potential victim and are therefore authorized to access the data, information or systems of the targets, or the individuals or entities that act from within the organization because, although they do not belong to it, they have maliciously obtained access credentials. Internal cyber threats are usually caused by ignorance, accidents, negligence or deliberate acts.
438.
To prevent internal cyber threats due to ignorance, it is necessary to conduct cybersecurity training and awareness at all levels of the organization, as well as to monitor compliance with cybersecurity standards, measures and procedures and to assess their effectiveness.
439.
To prevent internal cyber threats due to accidents, it is necessary to develop operation continuity plans and implement a transparent cybersecurity model to minimize having end users make cybersecurity decisions.
440.
To prevent internal cyber threats due to negligence, it is necessary to use basic internal monitoring (based on SIEM) and to establish a simple cybersecurity model where the security measures to be applied by end users are easy to understand and put into practice.
441.
To prevent internal cyber threats due to deliberate acts, it is necessary to establish advanced monitoring models based on cyber threat hunting (para. 478) and to carry out internal IT security audits.
442.
External cyber threat sources are the individuals or entities that do not belong to the organization of the potential victim and are therefore not authorized to access the data, information or systems of the targets. In practice, they are grouped into three types: States, organized groups and individuals.
443.
Combating State cyber threats requires the involvement of a cyber force and participation in collective defense alliances in international organizations such as NATO or IADB and in multinational and bilateral cyber defense agreements.
444.
To combat cyber threats from sources not attributable to States (i.e., organized groups or individuals), it is necessary to strengthen the three pillars of national cybersecurity (cyber resilience, cyber protection and cyber defense, para. 530), maintain close cooperation between them and apply the related international law.
445.
The most common targets of cyber threats are information, IT networks and systems, mobile communication devices (smartphones, tablets) and critical infrastructure control and information systems. Nonetheless, indirect physical consequences to facilities and people cannot be ruled out.