We have developed the myth that technology can be an effective fortress – We can have security.
Traditional focus on:
- Better Firewalls
- Boundary Intrusion Detection
- Critical Offsite Capacity
- Compliance Certification
- IT staff = security staff
- Compliance failure is the main source of risk
- Being compliant = being safe
The Internet is fundamentally open:
- We don’t know what’s on our own nets
- What’s on our nets is bad, and existing practices aren’t finding everything
- Threat is in the “interior”
- Threat is faster than the response
- “Boundaries” are irrelevant
- We don’t know what is on our partner’s nets nor on the points of intersection
- Compromises occur despite defenses
- Depending on the motivation behind any particular threat, it can be a nuisance, costly or mission threatening
What Can We Do?
Network MUST be:
Another Approach - Awareness
- Not Really an Either / Or Scenario
- The APT History shows an Initial Entry Vector to the Network Through Spear Phishing.
- It’s MUCH easier to gain entry through tricking an employee to click on a link than finesse your way through a firewall.
Good awareness program for enlightening your staff to the dangers of Spear Phishing
- With Security assurance, I am not intending to make the system "HACKER PROOF", but surely device a mechanism which can, to a large extent
- It is all about the ability to EXPECT THE EXPECTED before we are ready to EXPECT THE UNEXPECTED.
- Advanced Persistent Threats Can be Defeated
You can predict the future based on the past. The enemy can't change all his techniques, and once you've learned about your adversary, you can deal better with the oncoming waves of attacks.
As attacks have migrated from targeting systems via exploits to targeting people, security breaches are growing in number and sophistication. Therefore, it is no longer acceptable to rely exclusively on preventative measures . . .
New Technology Gadgets are also under Threat
Many users of the Mac OS X platform still view it as absolutely safe, primarily because Apple has assured them for many years that the system is more secure than PCs. However, recent analysis has challenged that assertion. There are significant numbers of Mac users. Botnet (as Trojan-Downloader.OSX.Flashfake) to have attracted the attention of experts in Q1 was the zombie network built of Mac OS X computers. In March 2012, Flashback infected about 7,00,000 computers across the globe.
CISO Team needs to wear different shoes, meaning wear the shoes of his/her customer and participate in building requirements then (s)he may be able to deliver better shoe
-By Sharat Airani