






Network knowledge is perhaps even more important. Know what normal behavior on your
network looks like, so you can spot abnormal behavior. Know what your network itself really
looks like, rather than working on an assumption or from a hopelessly out-of-date map.
Know where your critical data resides, and all the paths that could lead an attacker to it.
Know how you want to protect that data, and whether your efforts are actually resulting in the
protection you desire.

The easiest way to build this knowledge is through visualization. For networks, the “killer
app” takes the form of a network map. Mapping your network – and being able to know and
see all the devices, where they are and what they can get to – allows you to do a form of
triage. It quickly shows you all the paths to – and from – your most valuable data. It gives
you a roadmap to fix them, in an iterative fashion. Once the most undesirable paths have
been closed off, you can then repeat the process until you are certain that your most critical
data is actually being protected the way you want. Mapping lets you see whether your
secure enclaves are actually implemented as intended.
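
The triage loop described above, as an added example that is not part of the original article: a constructed reachability map is searched for every path from the internet to the critical data store, and on each pass the hop carrying the most unintended paths is closed until only the intended path remains. All host names, the allowed flows and the intended path are assumptions made for illustration.

```python
from collections import Counter

# Constructed sample map: node -> nodes it is allowed to reach.
# All names are hypothetical; a real map would be derived from device configs.
FLOWS = {
    "internet": ["dmz-web"],
    "dmz-web": ["app-srv", "mgmt-jump", "file-srv"],
    "app-srv": ["customer-db"],
    "mgmt-jump": ["customer-db", "backup-srv"],
    "backup-srv": ["customer-db"],
    "file-srv": ["customer-db"],
}
# The one path the design intends to exist (assumption for this example).
INTENDED = [["internet", "dmz-web", "app-srv", "customer-db"]]

def paths_to(flows, src, target, seen=()):
    """Every loop-free path from src to target, as lists of node names."""
    if src == target:
        return [[target]]
    visited = seen + (src,)
    found = []
    for nxt in flows.get(src, []):
        if nxt not in visited:
            found += [[src] + tail for tail in paths_to(flows, nxt, target, visited)]
    return found

def hops(path):
    """The (source, destination) hops that make up a path."""
    return list(zip(path, path[1:]))

def triage(flows, src, target, intended):
    """Repeatedly close the hop carrying the most unintended paths.
    Returns the hops closed, in order, and the paths that remain."""
    flows = {node: list(dsts) for node, dsts in flows.items()}  # work on a copy
    keep = {hop for path in intended for hop in hops(path)}     # never close these
    closed = []
    while True:
        paths = paths_to(flows, src, target)
        counts = Counter(h for p in paths if p not in intended
                         for h in hops(p) if h not in keep)
        if not counts:  # nothing unintended left that can be closed
            return closed, paths
        a, b = max(counts, key=counts.get)  # ties: first hop encountered
        flows[a].remove(b)
        closed.append((a, b))

if __name__ == "__main__":
    closed, remaining = triage(FLOWS, "internet", "customer-db", INTENDED)
    print("closed:", closed)
    print("remaining:", remaining)
```

Each closed hop corresponds to one rule change to make on the real network; rebuilding the map from live configurations afterwards confirms the change actually took effect.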

Conclusion

Threats are growing in sophistication, employing new and innovative ways to attack our
strategically important networks. Knowledge of the nature of the attacks, the attack surfaces
used, and the reasons behind our continued vulnerability is the “killer app” that will help us
gain full visibility. Visibility leads to knowledge, and from there to power. It’s our most
effective weapon against an increasingly sophisticated bad actor who needs only a bit of
good luck (or lack of knowledge on our part) to infiltrate, exploit and exfiltrate our most
critical information.

About the author

Brandon Hoffman is a technology professional with more than 15
years of experience ranging from practitioner to management.
Brandon's core experience is with information security and security
program development/management, high availability (trading and
broadcast) networks, wireless platforms, and data center. Prior to
RedSeal, Brandon held roles at KPMG, Chicago Mercantile
Exchange, Clear Channel, Bonneville Radio, and Boingo Wireless
amongst others. To keep himself fresh, Brandon teaches an
undergraduate EECS course and a graduate level information security course at
Northwestern University in Chicago, IL.
















11 Cyber Warnings E-Magazine – August 2014 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
