Breach Preparedness , Cybersecurity , Data Breach

Mitigating Nation-State Threats

Lance James of Deloitte Describes a Comprehensive Strategy
Mitigating Nation-State Threats

Reports that a major breach of the U.S. Office of Personnel Management may have originated in China are yet again raising concerns about nation-state threats against government agencies as well as the private sector. Earlier, the FBI attributed the hacking of Sony to "North Korea actors."

See Also: Effective Cyber Threat Hunting Requires an Actor and Incident Centric Approach

But rather than focusing narrowly on taking steps to thwart potential cyber-attacks from nation-states, organizations should focus instead on implementing a comprehensive strategy to protect their sensitive data from all threats, says security expert Lance James of Deloitte & Touche.

"I'm all about threat intelligence and understanding motives of actors," he says. "But before you even look at threat intelligence ... you've got to make sure you're protected in general. Have you put in the right risk controls ... to be protected from the problem, such as fraud or theft or insider threat? ... Can your 'locks' withstand this type of attack?"

In an interview with Information Security Media Group at the recent Fraud Summit Chicago, James:

  • Sizes up whether the nation-state threat is real, and what motivations might be involved;
  • Stresses the need to cover the basics, such as segmenting networks and encrypting data at rest;
  • Calls on organizations to outsmart cyber-criminals. "Your enterprise has to be more advanced than the advanced persistent threat. ... They are persistent about getting in. You have to be persistent about keeping them out."

James is head of cyber-intelligence at the consultancy Deloitte & Touche. He's an internationally known information security expert with more than 15 years of experience with programming, network security, digital forensics, malware research and cyptography design. Credited with the identification of Zeus and other malware, he has authored and co-authored several technical e-crime books.


About the Author

Howard Anderson

Howard Anderson

News Editor, ISMG

Howard J. Anderson is news editor of Information Security Media Group and was founding editor of HealthcareInfoSecurity and DataBreachToday. He has more than 34 years of journalism experience, with a focus on healthcare information technology issues. Before launching HealthcareInfoSecurity, he served as founding editor of Health Data Management magazine, where he worked for 17 years, and he served in leadership roles at several other healthcare magazines and newspapers.




Around the Network