We have developed the myth that technology can be an effective fortress – We can have security.
Traditional focus on:
- Better Firewalls
- Boundary Intrusion Detection
- Critical Offsite Capacity
- Compliance Certification
Myths:
- IT staff = security staff
- Compliance failure is the main source of risk
- Being compliant = being safe
The Internet is fundamentally open:
Facts:
- We don’t know what’s on our own nets
- What’s on our nets is bad, and existing practices aren’t finding everything
- Threat is in the “interior”
- Threat is faster than the response
- “Boundaries” are irrelevant
- We don’t know what is on our partner’s nets nor on the points of intersection
- Compromises occur despite defenses
- Depending on the motivation behind any particular threat, it can be a nuisance, costly or mission threatening
(Read more: Top 5 things a CISO should evaluate to benchmark an IAM solution)
What Can We Do?
Network MUST be:
- Defensible
- Hostile
- Fertile
Another Approach - Awareness
- Not Really an Either / Or Scenario
- The APT History shows an Initial Entry Vector to the Network Through Spear Phishing.
- It’s MUCH easier to gain entry through tricking an employee to click on a link than finesse your way through a firewall.
Good awareness program for enlightening your staff to the dangers of Spear Phishing
(Read more: Bring out the "Thought Leader in You" ! Become our guest author)
Emphasis
- With Security assurance, I am not intending to make the system "HACKER PROOF", but surely device a mechanism which can, to a large extent
- It is all about the ability to EXPECT THE EXPECTED before we are ready to EXPECT THE UNEXPECTED.
- Advanced Persistent Threats Can be Defeated
You can predict the future based on the past. The enemy can't change all his techniques, and once you've learned about your adversary, you can deal better with the oncoming waves of attacks.
As attacks have migrated from targeting systems via exploits to targeting people, security breaches are growing in number and sophistication. Therefore, it is no longer acceptable to rely exclusively on preventative measures . . .
New Technology Gadgets are also under Threat
Many users of the Mac OS X platform still view it as absolutely safe, primarily because Apple has assured them for many years that the system is more secure than PCs. However, recent analysis has challenged that assertion. There are significant numbers of Mac users. Botnet (as Trojan-Downloader.OSX.Flashfake) to have attracted the attention of experts in Q1 was the zombie network built of Mac OS X computers. In March 2012, Flashback infected about 7,00,000 computers across the globe.
CISO Team needs to wear different shoes, meaning wear the shoes of his/her customer and participate in building requirements then (s)he may be able to deliver better shoe
-By Sharat Airani
More: Want to share your insights? Click here to write an article at CISO Platform
Comments
Thanks Bikash. Yes, I agree about Application level too. Now with mobility in place (mostly) apps are available on different devices. It is also one of the biggest concern and it may run into different aspect..!!
Sharat, very nicely written article. Btw, what's your thoughts on application level threats?
Personally, I think CISO should keep this on the RADAR. Educating will help.
Hi Sharat,
Truely the IT Security landscape is changing very fast and it is difficult to keep pace with it.I absolutely agree on "It’s MUCH easier to gain entry through tricking an employee to click on a link than finesse your way through a firewall." So educating your staff is very essential,but do you think a CISO should take this more seriously and allocate budget for such education?