Risky Business News Flash #34
Breaches Keep Happening – Is this a new bumper sticker that I saw this past weekend or is it reality? It is the later but I am sure we have this as a bumper sticker on the inside of our eyelids, after all it is the trend.
My question to you as a security professional, is why do many practitioners continue to perform penetration and network assessments alone, or social engineering assessment in a vacuum, or physical assessments when the spirit moves us? Sophisticated attackers operate at the intersection of these three.
Now is the time. 2015 is the year that we must start to perform assessments as a hacker would, not for the sake of compliance but for the sake of security and the protection of everything that is important to your organization. Now is the time to test your defenses using the same techniques that the bad guys will use to attack.
The trend today is to incorporate intelligence services into the Red Teaming which allows organization to take proactive, damage preventive measures against attackers. These intelligence services focus on knowing what attackers are going to do to YOU rather than attacks that have already happened.
The Bottom Line – OccamSec can provide your organization with “situational awareness” – the Who/What/Where/How which will allow you to stay one step ahead of the attackers. Effectively utilizing these types of tools, techniques and practices of attackers will greatly bolster your organization’s security effort and turn the tide of your battle in the information security war.
You decide when you want to take this approach and then contact me for the prescription and medicine that will actually make you feel better.