Read more at https://www.channelnewsasia.com/news/singapore/singhealth-cyberattack-pause-new-ict-systems-lifted-10586666
(Updated: )
Ricky Lim
CSA has also instructed the 11 Critical Information Infrastructure (CII) sectors to increase security by taking additional measures.
These measures including removing all connections to unsecured external networks, mediating open connections through unidirectional gateways – which allow data to travel only in one direction – and implementing a secured informational gateway, if two-way communication between a secured network and an unsecured external network is required.
---
Article written by :-By Benjamin Goh
27 Jul 2018 06:16AM (Updated: 27 Jul 2018 10:01AM)
These standards try to assist companies to build secure systems without necessarily clamping down on Internet access or compromising the usability of the systems.
LOOK AT THE ECOSYSTEM, NOT JUST THE CYBERATTACKS
Perhaps the issue here is that cyber incidents are all too often seen as a problem of dealing with cyberattacks. If we similarly framed health issues as viral infections, we could miss out more fundamental solutions which address the root cause, such as boosting patients’ immune systems or adjustments to their lifestyles.
But if we reframe the issue of cyber-attacks by looking at our current security and protection systems, we can have targeted initiatives to improve cybersecurity “lifestyles” rather than be fixated with specific viral events.
Such measures might require deeper and heavier fundamental investments, but let us not be penny-wise and ultimately pound foolish.
Posted on :- 27 Jul 2018 06:16AM (Updated: 27 Jul 2018 10:01AM)
Ricky Lim
Based on the writing above, this writer has a misconception that the Internet front-end facing is completely separated from the back-end process and database.
This is not correct.
(1) If it is so, how does public users access all the Government online services, eCommerce, online purchases, banking transactions - if eTransaction from Internet is physically separated from the back-end apps process and database?
Like · Reply · 1m
Ricky Lim
Note:- Separating (out-of-band management) back-end from front-end (Internet facing) - is not physical separation, they are logical separation - protected by strong slew of security devices and logical separation.
But :-
Ricky Lim
Most important, ensure that in-band (front-end) network must not be routable to the out-of-band (back-end) network.
Internet Public DMZ coming in from Internet - to process online transaction to hit web-apps-database are still in place and routable but strongly and securely protected --- else how eTransaction takes place?
Ensure this mistake must not be made - else 佛都保不到你。。。。。
These measures including removing all connections to unsecured external networks, mediating open connections through unidirectional gateways – which allow data to travel only in one direction – and implementing a secured informational gateway, if two-way communication between a secured network and an unsecured external network is required.
---
Article written by :-By Benjamin Goh
27 Jul 2018 06:16AM (Updated: 27 Jul 2018 10:01AM)
These standards try to assist companies to build secure systems without necessarily clamping down on Internet access or compromising the usability of the systems.
LOOK AT THE ECOSYSTEM, NOT JUST THE CYBERATTACKS
Perhaps the issue here is that cyber incidents are all too often seen as a problem of dealing with cyberattacks. If we similarly framed health issues as viral infections, we could miss out more fundamental solutions which address the root cause, such as boosting patients’ immune systems or adjustments to their lifestyles.
But if we reframe the issue of cyber-attacks by looking at our current security and protection systems, we can have targeted initiatives to improve cybersecurity “lifestyles” rather than be fixated with specific viral events.
Such measures might require deeper and heavier fundamental investments, but let us not be penny-wise and ultimately pound foolish.
Posted on :- 27 Jul 2018 06:16AM (Updated: 27 Jul 2018 10:01AM)
Ricky Lim
Based on the writing above, this writer has a misconception that the Internet front-end facing is completely separated from the back-end process and database.
This is not correct.
(1) If it is so, how does public users access all the Government online services, eCommerce, online purchases, banking transactions - if eTransaction from Internet is physically separated from the back-end apps process and database?
Like · Reply · 1m
Ricky Lim
Note:- Separating (out-of-band management) back-end from front-end (Internet facing) - is not physical separation, they are logical separation - protected by strong slew of security devices and logical separation.
But :-
Ricky Lim
Most important, ensure that in-band (front-end) network must not be routable to the out-of-band (back-end) network.
Internet Public DMZ coming in from Internet - to process online transaction to hit web-apps-database are still in place and routable but strongly and securely protected --- else how eTransaction takes place?
Ensure this mistake must not be made - else 佛都保不到你。。。。。
No comments:
Post a Comment