Incident Response: Gathering the Facts
Not Knowing Numbers Behind Event Makes Risk Assessment Hard
The European Network and Information Security Agency, as reflected in its report that focused on mobile- and land-based networks, is collecting information about incidents so European member nations can improve their response to such events.
Without the data and an analysis of the information, officials in government and industry can't determine the best way to respond, Dekker says in an interview with Information Security Media Group.
"You could go to any country and ask a politician if they know how many incidents there were in the banking sector and what their social impact was. They don't know the answer," Dekker says. "And that is difficult to make policy and even to assess the risks of cybersecurity incidents without knowing the numbers behind it."
Among the major findings of the report:
- Hardware/software failure and third-party failure were the root causes for most outages;
- Incidents primarily caused by natural phenomena such as storms and floods lasted, on average, for 45 hours;
- Mobile and fixed communication services depend strongly on power supply: the report notes that the battery capacity of 3G base stations is limited to a few hours, which means that lasting power cuts cause communication outages.
Dekker works at ENISA on cloud security and smartphone security. He has a degree in theoretical physics and a Ph.D. in computer science. His doctoral thesis proposes new, more flexible access control for collaborative work environments such as medical health record systems.
Before joining ENISA, Dekker worked for KPMG in the Netherlands as an identity management architect and IT auditor. He designed the new version of DigiD, a digital identity for citizens. At KPMG he also reviewed the deployment of a large cloud and outsourcing service for a critical governmental agency.