Research and Findings
Addressing Nation-State Cyber Security Threats to the Enterprise

Years ago, nation-state threats could generally be identified by their location. Nation-state actors - hackers that directly support national governments or those that are organized crime entities hired by a national government - have become progressively more sophisticated. Increasingly, they pirate servers and equipment in a victim's backyard, making it increasingly difficult to identify them or their actual location.

"Despite these challenges, there are steps that CISOs can take to detect nation-state intruders. A good starting point is by defining the "normal" state on your company's network, said Bryce Austin, CEO, TCE Strategy.

Companies can begin to define normal network operations, in part, by having tools on their network to help them define what sort of traffic they have on the network, the source that is behind the traffic, and where it is headed," said Austin.

Beyond that, a new generation of network firewalls created by companies such as Palo Alto Networks are demonstrating their worth in real-world scenarios, said Austin. "We usually don't hear about successful stoppages in the news because no one likes to talk about how they were almost breached but were able to thwart the attack," said Austin.

To communicate nation-state threats to the board of directors and the level of preparedness that a company has to deal with such threats, Austin advises ensuring that CISOs have an ongoing relationship with law enforcement, and an incident response plan on when and how to partner with law enforcement on nation-state threats.

"It's also critical to help the board understand what the potential liabilities are to the company from this type of threat," said Austin.

Threats can take many forms, from loss of confidential data, fines from regulation violations, lawsuits from those impacted by a breach, an overall loss of the value of the company (such as Yahoo), and general reputational damage. Sometimes the risks are more specific. For instance, Austin points to a food manufacturer that was in negotiations to be acquired. The company's emails were hacked by a nation-state actor from the potential acquirer's homeland to try to determine what share price the food manufacturer might be willing to accept for an acquisition.

"Cyber security is about preventing those that would use your data or your systems to gain an advantage over you. That advantage is often about much more than just money. My role is to help my clients prevent criminals from gaining that type of advantage."

To learn more about top cyber security trends and best practices, check out our upcoming New York and San Francisco CISO summits. 

Attribution: HMG Research
Featured Video
"Build Security From The Ground Up - Weigh The Risks"

Click here to watch Roota Almeida, Head of Information Security, Delta Dental of NJ.

"When you are developing an app or buying a solution, you have to make sure from a business perspective how it is solving your business problem, but at the end of the day, is it bringing in more risks and if it is then how are you balancing that risk? "
Featured Blog Post
"Consider This: 21st Century CIOs Need 'Split Personalities' to Balance Continuity and Growth" - by Hunter Muller

The modern CIO needs that unique ability to look in two directions at the same time, a topic which arose during a great conversation with Kevin Sealy, Senior Client Partner & EMEA CIO Practice Head at Korn Ferry.


Featured White Paper
"Technology Innovation Drives Business Growth: The New Role of the CIO" - by Workday, Inc.

CEOs now look to their CIOs to provide guidance on digital strategy and support business growth through technology. Discover how CIOs can align to what their executives want and help their companies thrive in today's rapidly changing business environment. 

Connect with HMG Strategy on Social Media:

About HMG Strategy

HMG Strategy is the world's foremost provider of pioneering networking events and thought leadership to support the 360-degree needs of the CIO/IT leader. Our regional CIO Executive Leadership series, newsletters, authored books and Resource Center deliver proprietary research on leadership, innovation, transformation, and career ascent. The HMG Strategy global network of more than 300,000 senior IT executives, industry experts and world-class thought leaders is the strongest, most trusted network of executives. Additionally, our partnerships with the world's leading search firms provide vital insights into the evolving role of the CIO.

The HMG Strategy  CIO Executive Leadership Series offers a completely unique experience for IT executives to gain the latest insights and best practices for driving increased business value through the use of IT, and build invaluable relationships with peers and industry experts. HMG Strategy CIO Executive Leadership Summits were given the distinction by  CIO.com as one of "Ten Must-Attend Conferences in 2015." The HMG Strategy 'Transformational CIO Blog' was recently recognized by CDW's  BizTech Magazine as one of "50 Must-Read IT Blogs 2015."
  
For more information about the CIO Leadership Series and HMG Strategy please go to  www.hmgstrategy.com.


The Strongest Executive Leadership Network