
9/5/2016
09:00 AM
Todd Thibodeaux
Commentary

The New Security Mindset: Embrace Analytics To Mitigate Risk

Sure, conducting a penetration test can find a weakness. But to truly identify key areas of risk, organizations must start to think more creatively, just like today's hackers.

You’d be hard-pressed to find a business or IT leader today who would deny the importance of cybersecurity. But awareness is different from having the resources and strategy to combat the threats. In trying to keep pace with end users’ expectations for fast roll-outs of the latest technology, the fight to ward off cyber threats has become more strenuous and stressful.

Fewer than half of information security professionals feel their organizations’ security is completely up to par, according to CompTIA’s 2016 study Practices of Security Professionals. The daily drumbeat of news about successful cyberattacks serves as validation of the beliefs of these security professionals.

Many businesses have thrown money at the issue. Enterprise security spending surpassed $75 billion in 2015, on its way to the $100-billion plateau by 2019, according to estimates from research concern Gartner. Much of this money has been spent on hardware and software solutions. But investing in infrastructure and security solution providers is only one element of survival in today’s constantly mutating landscape.

At best, these solutions represent only table stakes when it comes to securing companies effectively. At worst, they lead to a false sense of security. Recent attacks on leading cloud and mobile device providers suggest that another approach is necessary.

Beyond implementing tactical changes, IT leaders have to initiate a mindset shift throughout their teams, focusing on their ability to evaluate complex issues and create innovative security solutions.

Pivoting to a Data-driven Offense
The repeated mantra has been to “think like a hacker to stop a hacker.” Yet attacks continue to grow in spite of the increasing numbers of white hat and ethical hackers that have entered the workforce. A new approach is necessary.

The key is to properly analyze today’s networks to see where traditional security measures fail. This approach does more than simply devise an attack to see where security falls through the cracks. Merely conducting a penetration test may find a weakness. But conducting a creative analysis of the network and carefully analyzing the results will truly identify key areas of risk. Security professionals who can sniff out abnormalities in their IT network and applications can foil intruders’ plans before they escalate. This is a far different approach than simply finding a single weakness and then declaring “mission accomplished.”

Along with this mental adjustment comes another transition, one that few businesses have mastered. This approach involves both building up an IT department’s detection and analytics capabilities and proactively testing an organization’s IT environment to identify any potential vulnerabilities or security gaps.

In addition to focusing on the right hardware and software, it’s vital to focus on the “wetware”: the minds of people who are securing today’s networks. It’s time to focus on an essential shift in how today’s cybersecurity minds approach today’s IT infrastructure. By encouraging security professionals to figure out what makes their organization an attractive target in the first place and hunt down any points of exposure (the same steps hackers take), IT leaders can accelerate this paradigm shift and get ahead of future incidents.

It is often said that attackers are always figuring out new ways to get into systems. They don’t often change their tactics and strategies simply because they are drawn to new techniques or shiny new cyber objects. Malicious attackers change their tactics because they have very carefully analyzed the victim’s network and have come up with a creative solution. The answer, then, is for today’s cybersecurity professional to be equally creative.

We’ve seen organizations conduct traditional “red team” and “blue team” competitions, designed to teach penetration testing and defense techniques. Over the past few years, a third team has been added to these competitions: a “white team” responsible for analyzing the tactics and strategies of the other two teams. These developments demonstrate that the traditional “anti-hacker” mindset has morphed and grown to embrace complex analytical skills. Sometimes, even big data approaches are used to help identify network weaknesses.

The traditional anti-hacker approach just can’t discover these issues in a timely way. But a data-driven approach can help. Tackling cybersecurity from a new, data-driven viewpoint will help organizations start to think creatively, just like today’s hackers.


Todd Thibodeaux is the president and chief executive officer of the Computing Technology Industry Association, the leading trade association representing the business interests of the global information technology industry. He is responsible for leading strategy, development ...