Page 42 - Cyber Defense eMagazine - September 2017

Do you know who you’re letting inside your networks?



               A hacker attacks. Your company reacts. That is the default position most companies find
               themselves in, despite their best intentions.

               Proactive security is the ideal, but when most organizations think about proactivity, they think
               intrusion prevention... and then they stop thinking. What people are forgetting is the
               fundamentals: identity and access management (IAM).

               IAM controls who gets into a network and what they can do once inside. A lot of breaches are
               caused by careless mistakes, such as granting administrative powers to a partner whose staff
               can then change or take whatever they want without constraints. Something similar happened
               earlier this year, when Amazon was breached by hackers leveraging weak passwords and poor
               security hygiene to divert funds from Amazon's vendors into the hackers' own bank accounts.

               Breaches like that are common, but they don’t have to be. Business leaders need to ask their
               CISOs what is being done to prevent unauthorized or over-privileged access, and cybersecurity
               professionals need to rethink their IAM strategies to make sure every partner and vendor has
               exactly the access they need and not a single byte more.
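               The two failure modes above, a partner handed administrative rights it never needed and a vendor
               holding permissions beyond its declared need, are things an access review can catch mechanically.
               The following is an added example, not code from the article or from any product it mentions: it
               takes a small constructed set of AWS-style IAM policy statements attached to vendor principals,
               compares each Allow grant against the access the vendor is supposed to need, and reports wildcard
               (effectively administrative) grants, unrequired actions, and grants over all resources. The
               principal names, the required-action list and the policy documents are all assumptions built for
               illustration.

```python
"""Least-privilege audit of third-party (vendor/partner) principals.

Added example. Principal names, required actions and the attached policies
below are constructed sample data, not real accounts or real policy.
"""
import fnmatch
import json
from typing import Dict, List

# Constructed sample: the access each vendor is contractually supposed to need.
REQUIRED: Dict[str, List[str]] = {
    "vendor-logistics": ["s3:GetObject", "s3:ListBucket"],
    "vendor-payments": ["sqs:SendMessage"],
}

# Constructed sample: AWS-style policy statements actually attached to them.
ATTACHED_POLICIES: Dict[str, List[dict]] = json.loads("""
{
  "vendor-logistics": [
    {"Effect": "Allow", "Action": ["s3:GetObject", "s3:ListBucket"],
     "Resource": "arn:aws:s3:::shipments-bucket/*"}
  ],
  "vendor-payments": [
    {"Effect": "Allow", "Action": "*", "Resource": "*"},
    {"Effect": "Allow", "Action": ["sqs:SendMessage", "iam:CreateUser"],
     "Resource": "*"}
  ]
}
""")


def _as_list(value) -> list:
    """IAM allows a string or a list in Action/Resource; normalize to a list."""
    return value if isinstance(value, list) else [value]


def audit_principal(principal: str, statements: List[dict],
                    required: List[str]) -> List[str]:
    """Return one finding string per excess grant in the principal's Allow
    statements. Deny statements are ignored on purpose: the review is meant to
    surface every Allow that exceeds the declared need, even if a Deny
    elsewhere might narrow it in practice."""
    findings: List[str] = []
    for st in statements:
        if st.get("Effect") != "Allow":
            continue
        actions = _as_list(st.get("Action", []))
        resources = _as_list(st.get("Resource", []))
        for act in actions:
            # "*" or "service:*" is administrative access in all but name.
            if act == "*" or act.endswith(":*"):
                findings.append(f"{principal}: administrative wildcard action {act!r}")
                continue
            # A concrete action not covered by the declared need is excess.
            # fnmatch lets the requirement list use patterns like "s3:Get*".
            if not any(fnmatch.fnmatch(act, req) for req in required):
                findings.append(f"{principal}: unrequired action {act!r}")
        if "*" in resources:
            findings.append(
                f"{principal}: actions {actions} granted on all resources ('*')")
    return findings


def audit_all(policies: Dict[str, List[dict]],
              required: Dict[str, List[str]]) -> Dict[str, List[str]]:
    """Audit every principal that has policies attached. A principal with
    access but no declared requirement is itself a finding: nobody has said
    what that third party is supposed to be doing inside the network."""
    report: Dict[str, List[str]] = {}
    for principal, statements in policies.items():
        findings: List[str] = []
        if principal not in required:
            findings.append(
                f"{principal}: has attached policies but no declared access requirement")
        findings.extend(
            audit_principal(principal, statements, required.get(principal, [])))
        report[principal] = findings
    return report


if __name__ == "__main__":
    for who, items in audit_all(ATTACHED_POLICIES, REQUIRED).items():
        print(f"{who}: {'OK' if not items else ''}")
        for line in items:
            print("  -", line)
```

               Run against the sample data, the logistics vendor passes and the payments vendor produces four
               findings: the full `*` action, that statement's `*` resource, the `iam:CreateUser` action it was
               never meant to have, and the second statement's `*` resource. The same loop works over policy
               documents exported from a real account once the `REQUIRED` map has been filled in from the
               vendor contracts, which is the part that usually does not exist.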



               Goodbye, Mr. Robot. Hello, Tony Soprano.



               In the not-so-distant past, passwords alone provided an adequate level of protection for the
               average enterprise. When critical business operations were performed with pen and paper, user
               accounts could be protected with simple passwords, and passwords could be shared without
               much risk. There have always been hackers, but their low numbers and skill levels limited the
               damage they could inflict. That has all changed.

               The stereotype of a hacker in a hoodie is outdated. A hacker is now more likely to be a
               sophisticated member of a crew that is trained, organized, and funded by a criminal organization
               or a nation-state, and these attackers are good at what they do. Last year in the UK, for
               instance, 36 percent of all reported crimes were cybercrimes, and those are only the crimes that
               were reported. Many companies do not publicize breaches because the publicity could cost them
               more than the attack itself.

               Cybercriminals can be this successful because the methods businesses use to connect with
               each other create a lot of unlocked doors and open windows. The rise of SaaS, cloud, APIs, and
               vendor self-service tools has blurred the boundaries of the typical network: you know your
               vendor is part of your network, but what about your vendor's vendor? Understanding what
               needs to be protected, who should have access, and what security controls must be in place
               for every network participant is everyone's job, which is exactly why it so often becomes nobody's job.





                         Copyright © Cyber Defense Magazine,  All rights reserved worldwide.