With cyberattacks increasing every day, personal information is increasingly at risk.
But, that risk could be even greater if you’re not careful.
The security industry is already working to mitigate the risks of the attack by introducing a new set of rules, called SANS SPIRAL, that address threats such as phishing and malware.SANS SPINAL was created by the Security, Privacy, and Information Technology (SPI) and Computer Science and Engineering (CS&E) departments of the Department of Homeland Security to help agencies better understand the risks they face.
The rules focus on identifying, analyzing and mitigating vulnerabilities.
Sensors like cameras, Wi-Fi networks, and Internet of Things devices are considered to be “potential targets” by the SANS guidelines.
In addition, security experts say the new rules also address the security of data on mobile devices that may have been compromised.
The new rules focus specifically on mobile phones, which are commonly used by people in remote locations.
SANS says it will be able to analyze mobile phone data in real-time, with a view to better identifying possible malicious activities.SENSOR-ONLY PROTECTIONThe rules also provide tools for agencies to create, deploy and manage security-related software and hardware.
The guidelines also require that agencies develop and implement a standard for security monitoring of mobile devices, which will be developed by the Mobile Devices Advisory Group (MDAG) and supported by the Office of the Federal Information Security Officer (OFIS).SANS said in a statement that its SPIRALS SPIRALT rules were developed by a group of government and industry experts, and that they will be widely adopted by all agencies.
The SPIRATS SPIRALEVELS rules are designed to protect individuals, businesses, and organizations from unauthorized access, modification, and disclosure of protected information.
This includes any information that is shared with the public or a third party.
Sans says its rules also focus on ensuring that the agency has access to the security information of its users.
The goal is to provide a clear and concise set of guidelines for agencies in the event that their policies are breached, or that an intrusion occurs, SANS said.
