Dark Reading is part of the Informa Tech Division of Informa PLC


9/5/2016
09:00 AM
Todd Thibodeaux
Commentary

The New Security Mindset: Embrace Analytics To Mitigate Risk

Sure, conducting a penetration test can find a weakness. But to truly identify key areas of risk, organizations must start to think more creatively, just like today's hackers.

You’d be hard-pressed to find a business or IT leader today who would deny the importance of cybersecurity. But awareness is different from having the resources and strategy to combat cyber threats. In trying to keep pace with end users’ expectations for fast roll-outs of the latest technology, the fight to ward off those threats has become more strenuous and stressful.

Fewer than half of information security professionals feel their organizations’ security is completely up to par, according to CompTIA’s 2016 study Practices of Security Professionals. The daily drumbeat of news about successful cyberattacks serves as validation of the beliefs of these security professionals.

Many businesses have thrown money at the issue. Enterprise security spending surpassed $75 billion in 2015, on its way to the $100-billion plateau by 2019, according to estimates from research concern Gartner. Much of this money has been spent on hardware and software solutions. But investing in infrastructure and security solution providers is only one element of survival in today’s constantly mutating landscape.

At best, these solutions represent only table stakes when it comes to securing companies effectively. At worst, they lead to a false sense of security. Recent attacks on leading cloud and mobile device providers suggest that another approach is necessary.

Beyond implementing tactical changes, IT leaders have to initiate a mindset shift throughout their teams, focusing on their ability to evaluate complex issues and create innovative security solutions.

Pivoting to a Data-driven Offense

The repeated mantra has been to “think like a hacker to stop a hacker.” Yet attacks continue to grow in spite of the increasing numbers of white hat and ethical hackers that have entered the workforce. A new approach is necessary.

The key is to properly analyze today’s networks to see where traditional security measures fail. This approach does more than simply devise an attack to see where security falls through the cracks. Merely conducting a penetration test may find a weakness. But conducting a creative analysis of the network and carefully analyzing the results will truly identify key areas of risk. Security professionals who can sniff out abnormalities in their IT network and applications can foil intruders’ plans before they escalate. This is a far different approach than simply finding a single weakness and then declaring “mission accomplished.”

Along with this mental adjustment comes another transition, one that few businesses have mastered. This approach involves both building up an IT department’s detection and analytics capabilities and proactively testing an organization’s IT environment to identify any potential vulnerabilities or security gaps.

In addition to focusing on the right hardware and software, it’s vital to focus on the “wetware”: the minds of the people who are securing today’s networks. It’s time for an essential shift in how today’s cybersecurity minds approach today’s IT infrastructure. By encouraging security professionals to figure out what makes their organization an attractive target in the first place and hunt down any points of exposure (the same steps hackers take), IT leaders can accelerate this paradigm shift and get ahead of future incidents.

It is often said that attackers are always figuring out new ways to get into systems. They don’t change their tactics and strategies simply because they are attracted to new techniques or shiny new cyber objects. Malicious attackers change their tactics because they have very carefully analyzed the victim’s network and have come up with a creative solution. The answer, then, is for today’s cybersecurity professional to be equally creative.

We’ve seen organizations conduct traditional “red team” and “blue team” competitions, designed to teach penetration testing and defense techniques. Over the past few years, a third team has been added to these competitions: a “white team” responsible for analyzing the tactics and strategies of the other two teams. These developments demonstrate that the traditional “anti-hacker” mindset has morphed and grown to embrace complex analytical skills. Sometimes, even big data approaches are used to help identify network weaknesses.

The traditional anti-hacker approach just can’t discover these issues in a timely way. But a data-driven approach can help. Tackling cybersecurity from a new, data-driven viewpoint will help organizations start to think creatively, just like today’s hackers.

Todd Thibodeaux is the president and chief executive officer of the Computing Technology Industry Association, the leading trade association representing the business interests of the global information technology industry. He is responsible for leading strategy, development ...
 
