In response to today’s new findings from McAfee Labs on a new global campaign ‘Operation Sharpshooter’ Targets Global Defense, Critical Infrastructure, a cybersecurity expert with CyberSaint offers perspective.
George Wrenn, CEO and Founder at CyberSaint Security:
“Critical infrastructure organizations, especially those who deal with defense-related initiatives, should always be on high alert for unexpected threats that might negatively impact their ability to keep sensitive information or critical personnel secure. This is a given, but the lesson learned is that it takes a balanced weighting of people, process, and technology to facilitate a high-performing, always-alert cybersecurity program that can more effectively stop the original threat.
“Organizations such as these, at a minimum, should be implementing frameworks such as the NIST Cybersecurity Framework and building improvement plans that sufficiently balance people, process, and technology. The opportunity lies in building a guide that would avoid over-weighing technology remediation, for example, so as to not miss threats that come to fruition through other areas. The new implant is another example of how targeted attacks attempt to gain intelligence through social engineering, which can be addressed through a balanced focus on both the people within the organization and on the process-related mitigation activities. Programs should have access to a real-time recommendation engine that is constantly weighing people, process, and technology against their gaps in order to determine where remediation actions related to any of those three areas might be the most successful against an attack such as this.”
