Home / Blog / How do you know if a company is prepared to resist cyber-attacks?

How do you know if a company is prepared to resist cyber-attacks?

Posted on 05/12/2015, by Juan D. Peláez (INCIBE)
How do you know if a company is prepared to resist cyber-attacks?

The Security and Industry CERT consults the main Spanish critical infrastructure to measure their capacity to resist a cyber-attack.

Is your organisation prepared to resist cyber-attacks? This is the main question that the Security and Industry CERT sent to thirty-two organisations that operate critical infrastructure in our country.

Sectors such as banking, industry, water, transport, and healthcare, that provide essential services to citizens, whose functioning is indispensable, and a cyber-attack against which could have major consequences for society, are being consulted through an extensive questionnaire in order to evaluate how they protect their facilities against potential cyber-attacks.

The Security and Industry CERT (INCIBE-CERT) recorded 17,888 cybersecurity incidents in Spain during 2014, which were managed by the INCIBE-CERT_ of which 63 affected strategic businesses.

As revealed by an ENISA report, more than 50% of successful attacks are due to carelessness and negligence in key aspects of cybersecurity. This figure has been the same in the last three years, and as such, it is necessary to improve awareness raising about cybersecurity.

SECURITY AND INDUSTRY CERT “161,965 IP addresses of domains with signs of malicious activity”

 At INCIBE-CERT_ the aim is to avoid cases such as that which occurred in the American bank JPMorgan Chase, which affected 76 million homes and 7 million small businesses, or in the case of a steel factory in Germany that sustained serious damage because the cybercriminals prevented an oven from being turned off.

Cyber resilience

Cyber resilience is the capacity for a process, nation, organisation, or business to anticipate, resist, recover, and evolve to improve its capacity to face adverse conditions, stress or attacks on the technological resources that it needs in order to function.
What will be measured? A framework based on four GOALS has been defined:  ANTICIPATE: Maintain a state of informed preparation in order to avoid the functions and mission of the business being compromised by cyber-attacks.  RESIST: Continue with critical functions despite the successful execution of a cyber-attack.  RECOVER: Restore the critical functions as much as possible after the successful execution of a cyber-attack.  EVOLVE: Change supporting cyber capabilities, missions, and functions, in order to minimise the negative impacts of cyber-attacks.

Using a form with 54 questions designed to extract the metrics and indicators of cyber resilience of organisations against cyber-attacks, the National Centre for Critical Infrastructure Protection (CNPIC), the State Department of Security body of the Ministry for Home Affairs responsible for the protection of Critical Infrastructure, along with the National Cybersecurity Institute (INCIBE), a body under the State Department of Telecommunications and the Information Society of the Ministry of Industry, aims to draft a report on the state of cyber resilience in Spanish critical infrastructures,  which will allow an action plan to be developed to improve the protection of cybersecurity and resilience.

The state report on cyber resilience in Spanish critical infrastructure will allow us to answer the question on whether or not our country is prepared to resist cyber-attacks and take the necessary measures to make our country cyber resilient.