Page 3 - Cyber Warnings
P. 3
Isn’t It Time We Go On The Offense?
Friends,
With all the breaches happening today, shouldn’t we get a bit more
proactive? Let’s analyze the root cause of breaches together, shall we? #1
we find that employees are easily tricked into opening attachments that come
from cyber criminals. #2, we don’t take the necessary precautions to reduce
internal risks in our networking environments – this may be due to the fact
that most in IT are understaffed and overworked. How could we let this
happen to ourselves? With over $600B in cybercrime predicted for this year,
with so many variants of successfully deployed ransomware, isn’t it time we
go on the offense and stop becoming victims?
As an INFOSEC professional, I highly recommend you ask your “C” level executives for bigger budgets
for 2017 because it’s only going to get worse. Get them to agree to allow you to begin more rigorous
training of all personnel, especially those who keep becoming victims of spear phishing attacks. Also, I’m
sure we all know the risk formula but are too busy to focus on the most serious risks to our organization –
an upcoming breach – be it a malicious insider, a remote access Trojan siphoning personally identifiable
information (PII) or other valuable information – we must become more vigilant. The breaches are
reaching an exponential growth level. Remember that Risks to your organization start with Threats,
Vulnerabilities and Assets. You must be better prepared for the latest threats. You must remove your
most serious vulnerabilities that are easily exploited and you must ensure only healthy, trusted Assets are
on your network.
In this edition of Cyber Warnings, you’ll learn the 7 Secrets of Offensive Security. I would add a few to
the author’s list – one would be to learn about Honeypots at HONEYNET – visit them
at https://www.honeynet.org/ The Honeynet Project is a leading international 501c3 non-profit security
research organization, dedicated to investigating the latest attacks and developing open source security
tools to improve Internet security. With Chapters around the world, their volunteers have contributed to
fight against malware (such as Confickr), discovering new attacks and creating security tools used by
businesses and government agencies all over the world. The organization continues to be on the cutting
edge of security research by working to analyze the latest attacks and educating the public about threats
to information systems across the world. Another recommendation would be to keep on taking the latest
INFOSEC and ETHICAL HACKER courses – stay on top of the latest trends and the best ideas. Finally,
like we do here at CDM, share these ideas with your peers. Get together with fellow INFOSEC
professionals whenever you can – if you are in Banking, start an INFOSEC Bankers meetup.
If you are in Healthcare, start an INFOSEC Healthcare meeting. Networking and communicating will lead
to new ideas on how to get one step ahead of the next threat.
To our faithful readers, Enjoy
Pierluigi Paganini
Pierluigi Paganini, Editor-in-Chief, [email protected]
3 Cyber Warnings E-Magazine – August 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide