How can the defence sector fight a growing wave of cyber attacks?

By Tanium

Darren Patt, Director of Strategic Accounts at Tanium, discusses.

Earlier in July, a group of Iranian hackers posed as recruiters and journalists on Facebook to befriend U.S. military personnel. They connected with targets over months to trick them into clicking links that would infect their devices with spying software, reported The Guardian.

Cybersecurity risks are mounting for all organisations - but the stakes are especially high for the defence sector, believes Darren Patt, Tanium’s Director of Strategic Accounts.

He shares how defence organisations can combat growing security threats with velocity and scale.

The stakes are high


Cybersecurity risks facing the defence sector are similar to most organisations, but there “is no room for compromise”, says Patt. While a cyberattack might mean the loss of money to other organisations, the defence sector risks the entire country’s safety. “It’s a matter of life and death.”

Defence organisations also need to know that the security intelligence they’re receiving is accurate, he adds. How can they know if the instructions are coming from a trusted officer, or a hacker?

Singapore, in particular, faces security threats as a small nation without natural resources amid an increasingly volatile world, says Patt.

As Prime Minister Lee Hsien Loong wrote in the Foreign Affairs Magazine, “Southeast Asian countries, including Singapore, … live at the intersection of the interests of various major powers and must avoid being caught in the middle or forced into invidious choices.”

No time to waste


Security products often lag by a few years, Patt says. Cybersecurity companies have to research different attack types, test their technologies, and package them before they are released.
 
“By the time the first customer adopts that product, in fact, they're already two years late.”

The defence sector can’t afford that time lag, he emphasises.

Today’s cybersecurity attacks often exploit vulnerabilities that organisations don’t know about, or don’t have a solution for. “When something like this hits, how can governments come up with a response fast enough to counter the threat?”

Speed is crucial. Organisations must know what vulnerabilities are present, where they are, and how they can be patched.

Tanium provides “velocity at scale”, says Patt. Its platform gives analysts visibility over the devices connected to their networks and identifies security loopholes, allowing them to address gaps quickly.

Security teams can also ask any question and get back answers within seconds, just like they do on Google.

Tanium worked with the US Navy to help it quickly identify the devices connected to its network and whether they are secure. This helped analysts easily spot any intrusions, and reduced the time taken for cybersecurity audits from months to minutes.

Bringing Zero Trust to the next level


Singapore should adopt a Zero Trust approach to protect itself from cybersecurity attacks, said then-Minister for Communications and Information S Iswaran in February.

The defence sector has probably been applying the approach due to the high stakes, Patt says. “It is now about how you raise the bar and bring Zero Trust to the next level.”

Organisations need three things for a successful Zero Trust approach, he explains. First, they need to know what devices are connected to their networks and their security posture. Second, they need to verify the user’s identity and what levels of access they should be granted to systems or data. Lastly, they need to know how segmented their networks are.

If the sector knows these three things in great detail, it’s easier to know who should be trusted and who shouldn’t, he explains.

While organisations often focus on the end user, knowing the security levels of the devices is also crucial. Tanium’s ability to investigate each device at any point in time, at speed and at scale, will be very helpful.

As cyberattacks continuously evolve, the defence sector will need to be quick to respond and mitigate these threats. Speed and a comprehensive Zero Trust posture will be key.