Hacking and cyber attack strategies have become increasingly sophisticated due to more cutting-edge approaches to seizing critical data. As a consequence, it has become nearly impossible for companies to spend enough money to properly protect themselves from all cyber attacks.
For instance, NASA spends approximately $58 million for IT security, yet in 2010 and 2011, it reported 5,408 computer security incidents that resulted in the installation of malicious software on or unauthorised access to its systems. In FY2011, NASA was the victim of 47 APT cyber attacks, 13 of which successfully compromised Agency computers. In one of the successful attacks, hacking intruders stole user credentials for more than 150 NASA employees — credentials that could have been used to gain unauthorised access to NASA systems.
It’s clear that throwing money at the problem of enterprise security doesn’t necessarily better protect an organisation from hacking and cyber attacks. What can help is an independent enterprise security evaluation that detects an organisation’s cyber attack vulnerabilities and suggests tailored enterprise security tools, not big-box solutions. Steps in such an evaluation may include the three discussed below:
1. Initial Enterprise Security Posture Snapshot: Enterprise security posture snapshots analyse a company’s cultural, technical and strategic security issues, making it simpler to identify its specific needs and outline an appropriate enterprise security roadmap. The posture also includes an assessment of the organisation’s IT systems in terms of data availability, confidentiality and integrity. Lacking this enterprise security self-awareness has its consequences.
In 2011, website hosting company Distribute.IT’s systems fell victim to hacking, sending 4,800 domains offline and wiping all of the provider’s backup resources. Many of these domains belonged to small retailers, plenty of whom had never assessed their own enterprise security postures and had no foresight as to what could happen should their web hosting service go down completely.
2. Red- and Blue-Teaming Exercises: In a Red Team, a simulated, external cyber attacks are performed on the client’s systems without prior knowledge of IT administrators. The hacking is done safely, securely and in a controlled manner; its main purpose is to identify how easily the client’s systems can be penetrated. The Blue Team event then looks at cyber attack vulnerabilities from the inside-out, identifying deployed technologies and assessing against known hacking threats. From here, businesses can implement defences that block real hacking and cyber attacks and seal up any points of weakness.
3. Remediation Exercises: During this phase, enterprise security providers will propose tailored services that address a company’s specific security requirements and cyber attack and hacking vulnerabilities. Because hacking continually occurs via new entry points to breach data systems — from mobile devices to credit card machines —, a singular solution is not enough. While it is tempting to take the advice of well-known providers at face value, branded products don’t always equate to comprehensive protection from cyber attacks and hacking. In the world of enterprise security, relying on a custom mix of tools creates a stronger, safer foundation for guarding against hacking and cyber attacks.
In the evolving world of cyber attacks, hacking and advanced persistent threats, the smartest organisations not only understand what threats exist, but also have keen perceptions of their own IT systems and the improvements they need to prevent enterprise security disasters. These organisations understand threats continue to evolve and that enterprise security simply cannot be a set and forget activity. Keeping up with ever-evolving cyber attack and hacking threats is something almost impossible for an organisation to resource internally, as its people are unlikely to be exposed sufficiently to the changing threat landscape. Expert, independent, external advice is a practical and cost-effective mechanism for gaining valuable insight into your organisation’s cyber attack vulnerability.