19 Jul 2022
Calls in APAC for closer cooperation between the public and private sectors to fight cybercrime may benefit from a toolkit to quantify security risks
Creating a robust and secure digital environment requires collaboration between the public and private sectors. Standards organizations and governments should consider introducing a standardized cybersecurity framework for the private sector. In addition, by working with governmental agencies, security stakeholders can provide key insights, identify national cybersecurity risks, and encourage private sector investment in digital infrastructure. Crucial to this approach may be work done in the US and Europe to quantify cybersecurity risks.
In APAC, Microsoft recently launched a plan to increase cybersecurity by collaborating with the private sector. A more comprehensive approach to cybersecurity is needed to address an increasingly sophisticated threat landscape. The conventional approach of relying on perimeter-based firewalls, antivirus solutions, and tactical responses is no longer sufficient. Vivek Ravindran, Microsoft's Business Group Lead for Modern Work in APAC, writes in a blog post that organizations need to adopt a zero trust approach to security with automation and multiple layers of defense.
Applying zero trust, using threat intelligence to automate organizational response, and stronger collaboration between the public and private sectors are three measures Ravindran recommends for a cybersecurity approach. Automating cybersecurity response and applying zero trust are highly important technological solutions, but closer cooperation between the public and private sectors might prove crucial to fighting cybercrime.
To ensure a robust and secure digital environment, the public and private sectors should coordinate their cyberdefense strategies. The Open Group's Open FAIR approach to quantifying cybersecurity risk is already seeing increased usage outside of the traditional IT risk quantification area. For example, the Central European Committee for Standardization (CEN) referenced Open FAIR as an informative reference standard for risk analysis. In the Netherlands, a research program by the National Cyber Security Center and a local research organization is working on a toolkit that can be used to quantify cybersecurity risks. A fact sheet with a step-by-step plan is included with the toolkit, along with examples of models to assess security risks and recommendations for software. The toolkit will be available later this year.
Photo credit: FLY:D