The essence of automotive cybersecurity's current state of capability: It’s possible to thwart most—but not all—cyber incidents.
“You can put in place all the preventive medicine that you want, but a cyber disruption is going to happen. The relevant question for an organization is ‘how will you respond?’” said Bill Hardin, Vice President of Forensic & Cyber Investigations at Charles River Assoc.
Hardin and other cyber security experts who recently spoke with Automotive Engineering stress the importance of developing a response plan for online attacks. A company’s general counsel, chief information security officer and outside legal counsel typically are involved in assembling such a plan.
“It can be just a one-pager that states the response team’s quarterback, the things that need to be done and the folks who need to get involved,” Hardin said.
Whether it’s a virus, a ransomware demand, or another type of cyber attack, the disruption requires immediate attention. And the unfolding situation needs to be handled in a coordinated manner.
Brian Balow, a member of the law firm Dawda, Mann, Mulcahy & Sadler PLC, advises clients dealing with a cyber situation to avoid communicating via emails and texts.
“While deliberating the incident, the response and recovery should be done with face-to-face meetings and phone calls,” he said. “After you’ve made decisions about what to do, then you can document those decisions in writing.”
It’s important to keep the information technology landscape intact after a cyber hack. “Preserve the IT environment if you can. If you do not have a system backup, you may be required to reconstruct the databases. And doing that reconstruction means you’ve lost a lot of the server log information,” Balow noted. “That historical information can be used to help understand what happened and understand how many individuals were affected.”
The impulse to shut down a computer and restart it could further complicate a cyber situation, according to Brian Warszona, Vice President, Cyber Specialist for Willis Towers Watson. “You really don’t want to do something when you’re not even sure what it is. It could just be a computer glitch,” he said. “Don’t panic; consult with your company’s designated response-plan quarterback.”
A rush to judgment can be pointless, especially since not all cyber incidents trace back to hackers. “How did the bad guys get into the system? Did they even get into it? Was it a misconfiguration of code? It comes down to how quickly we can make a determination, preserve the evidence and do what’s necessary to limit the operational impact on the organization,” Hardin said.
Meanwhile, cyber-attack 'rehearsals' can be good practice to stay prepared. “Let’s say a company is concerned about a ransomware demand. The response team, along with outside legal counsel, could do a few tabletop exercises to see if there are any vulnerabilities in the process,” suggested Warszona.
Having procedures and policies in place before a cyber disruption is just as important as training the workforce on the cybersecurity action plan. Observed Balow, “A data security protocol is not ‘nice-to-have’ anymore, it’s must-have.”
Author: Kami Buchholz
Source: SAE Automotive Engineering Magazine