Glen Ogden, Regional Sales Director, Middle East at A10 Networks,
says that as many attacks occur from inside an organisation, it’s
necessary to ensure that all traffic is screened at both the ingress and
egress points within a government. The proliferation of SSL has
enabled many malicious applications to effectively hide their existence
once activated, bypassing existing security methods such as internet
filters, because SSL traffic is encrypted and can’t be inspected.

Governments need
to enter into discussions with security vendors that have countered
this threat by developing highly scalable SSL Intercept technology which
allows Government entities to intercept all SSL communication destined
for the internet originating from inside an organisation and strip off
the encryption to allow existing security products to fully monitor the
payload before re-encrypting the data and sending it to the final
destination should it pass internal security checks.

Existing
security products that inspect payload aren’t suited for this task due
to the high volume of SSL encryption/decryption required. Therefore, a
best-of-breed technology in this space that can scale regardless of SSL
key strength is an absolute requirement if government is to avoid
service impact due to performance problems.

A security
strategy should always be fully encompassing, dealing with both physical
and logical security. Typically, government entities in Egypt have a
high level of physical security in place already. Unfortunately, modern
threats tend to favour logical security breaches rather than physical
penetration of a government entity, meaning that new strategies are
required to cope.

Critical
infrastructure and data are often in some ways synonymous, since they
both require logical protection, albeit of a very different kind. You
can’t protect data if you don’t adequately protect the perimeter;
therefore, perimeter protection of firewalls and Domain Name System
(DNS) infrastructure must be mirrored by internal protection of
applications via Web Application Firewalls (WAFs) and, importantly, the
ability to inspect all communication destined for the internet
regardless of whether it’s encrypted or not.

Historically,
such protection has proved very expensive to procure due to vendors
licensing all features on an appliance; this has limited governments,
specifically, from enjoying the same level of protection as their
commercial counterparts. However, some vendors do not have any
licensing, allowing any customer to enjoy all the acceleration and
security features for a fixed ‘capital’ and ‘operational’ expenditure.

Unfortunately,
Government spending on security, beyond Firewalls and Anti-viruses,
tends to be viewed in the same way as disaster recovery, i.e. only spend
after a breach or a failure. In an increasingly connected world,
security should be a very high priority for Government as E-Government
is on the rise and both inter-government and citizens mandate their data
is both secure and protected. Most CTOs understand this requirement,
and we are expecting spending on security to increase, especially as many
government departments wish to adopt Cloud services.

As attacks
increase, a governing body is essential to ensure all relevant parties
have somewhere to obtain information. Moreover, any entity that helps
define protection standards is typically welcomed by those departments
that aren’t able to execute their own due diligence in security matters.
It is likely that we will see each state have its own entity, and
this should be welcomed by the community as a whole.

Even if there is
a central body that is set up to regulate defence against
cyber-attacks, each Government or Ministry still needs to take action
to ensure the region as a whole is fully protected top to bottom. So
while entities are of clear importance, that shouldn’t be at the expense
of individual government departments ensuring they are adequately
protected against the very real threats that the country faces daily.

There is a
range of security products available from multiple vendors; however, the
critical component of security is often that it's ‘affordable’;
protection is a difficult cost code to justify, given that when things
are working properly nothing happens, so there is no immediate visible
benefit. Vendors have traditionally licensed their security features
and sometimes even appliance throughput, making it a very expensive
proposition for government to invest in where no clear ROI appears
visible. What entities should look at when evaluating vendors are
‘licence free’ solutions that allow customers to enjoy protection at
scale for fixed CAPEX/OPEX.