Dark Reading is part of the Informa Tech Division of Informa PLC


9/5/2016
09:00 AM
Todd Thibodeaux
Commentary

The New Security Mindset: Embrace Analytics To Mitigate Risk

Sure, conducting a penetration test can find a weakness. But to truly identify key areas of risk, organizations must start to think more creatively, just like today's hackers.

You’d be hard-pressed to find a business or IT leader today who would deny the importance of cybersecurity. But awareness is different from having the resources and strategy to combat cyber threats. In trying to keep pace with end users’ expectations for fast roll-outs of the latest technology, the fight to ward off cyber threats has become more strenuous and stressful.

Fewer than half of information security professionals feel their organizations’ security is completely up to par, according to CompTIA’s 2016 study Practices of Security Professionals. The daily drumbeat of news about successful cyberattacks serves as validation of the beliefs of these security professionals.

Many businesses have thrown money at the issue. Enterprise security spending surpassed $75 billion in 2015, on its way to the $100-billion plateau by 2019, according to estimates from research concern Gartner. Much of this money has been spent on hardware and software solutions. But investing in infrastructure and security solution providers is only one element of survival in today’s constantly mutating landscape.

At best, these solutions represent only table stakes when it comes to securing companies effectively. At worst, they lead to a false sense of security. Recent attacks on leading cloud and mobile device providers suggest that another approach is necessary.

Beyond implementing tactical changes, IT leaders have to initiate a mindset shift throughout their teams, focusing on their ability to evaluate complex issues and create innovative security solutions.

Pivoting to a Data-driven Offense

The repeated mantra has been to “think like a hacker to stop a hacker.” Yet attacks continue to grow in spite of the increasing numbers of white hat and ethical hackers that have entered the workforce. A new approach is necessary.

The key is to properly analyze today’s networks to see where traditional security measures fail. This approach does more than simply devise an attack to see where security falls through the cracks. Merely conducting a penetration test may find a weakness. But conducting a creative analysis of the network and carefully analyzing the results will truly identify key areas of risk. Security professionals who can sniff out abnormalities in their IT network and applications can foil intruders’ plans before they escalate. This is a far different approach than simply finding a single weakness and then declaring “mission accomplished.”

Along with this mental adjustment comes another transition, one that few businesses have mastered. This approach involves both building up an IT department’s detection and analytics capabilities and proactively testing an organization’s IT environment to identify any potential vulnerabilities or security gaps.

In addition to focusing on the right hardware and software, it’s vital to focus on the “wetware”: the minds of the people who are securing today’s networks. It’s time to focus on an essential shift in how today’s cybersecurity minds approach today’s IT infrastructure. By encouraging security professionals to figure out what makes their organization an attractive target in the first place and hunt down any points of exposure (the same steps hackers take), IT leaders can accelerate this paradigm shift and get ahead of future incidents.

It is often said that attackers are always figuring out new ways to get into systems. They don’t change their tactics and strategies often simply because they are attracted to new techniques or attractive, shiny new cyber objects. Malicious attackers change their tactics because they have very carefully analyzed the victim’s network and have come up with a creative solution. The answer, then, is for today’s cybersecurity professional to be equally creative.

We’ve seen organizations conduct traditional “red team” and “blue team” competitions, designed to teach penetration testing and defense techniques. Over the past few years, a third team has been added to these competitions: a “white team” responsible for analyzing the tactics and strategies of the other two teams. These developments demonstrate that the traditional “anti-hacker” mindset has morphed and grown to embrace complex analytical skills. Sometimes, even big data approaches are used to help identify network weaknesses.

The traditional anti-hacker approach just can’t discover these issues in a timely way. But a data-driven approach can help. Tackling cybersecurity from a new, data-driven viewpoint will help organizations start to think creatively, just like today’s hackers.

Todd Thibodeaux is the president and chief executive officer of the Computing Technology Industry Association, the leading trade association representing the business interests of the global information technology industry. He is responsible for leading strategy, development ...