The Fundamentals of Cyber Security

July 20, 2011   //   Security

Every once in a while I will read an article that leaves me stunned and reminded that life can be much more intriguing than art. Over the last two months the IT security world has been littered with the kind of headlines that seem more appropriate for a Hollywood suspense thriller than today’s boardroom. With an eerie rhythm headlines have emerged of bold hacking attacks on U.S. enterprises that have led to the theft of highly sensitive information.

  • March 18 ~ RSA Hacked, data exposed that could reduce the effectiveness of SecurID tokens
  • May 30 ~ Hackers Use Stolen RSA Information to Hack Lockheed Martin
  • June 2 ~ Northrop Grumman, L-3 Communications Hacked via Cloned RSA SecurID Tokens
  • July 14 ~ Pentagon discloses massive cyber theft

In an acknowledgement of this threat, the Pentagon announced a new cyber defense strategy that reserved the right of military retaliation. As one military official said, “if you shut down our power grid, maybe we put a missile down one of your smokestacks.”

I love that quote… it lets me imagine some hacker, sitting in his parents’ basement, banging away at his keyboard, empty Red Bull cans scattered at his feet. He hits the Enter key, chuckles for a moment and then, well… you know.

At SWC most of our clients are mid-market organizations, so we typically do not recommend airstrikes. More often than not we find ourselves on a more pragmatic level, helping our clients evaluate and improve their security posture.

In the end, most of cyber security is about the fundamentals, both technical and human. It’s about understanding and addressing the points of vulnerability. As I spend time with our clients I try to focus their attention on three areas: systems management, security configuration and the human element.

Systems Management and Security Configuration can cover a lot of ground but there are areas of disproportionate return. Making sure that your environment is current on software and patch updates, instituting and enforcing a strong password policy, and designing and managing appropriate authorization rights and privileges can go a long way in developing the building blocks of an effective security posture.

Of course, at times, it is the human users that are the weakest link of any network. Too often the most sophisticated environments get hacked because a network user was scammed into giving the wrong person access to sensitive information. In fact, if you get a chance to read the article links above you will learn how much our users’ actions can affect the security of our systems. Part of any security effort is communicating to the users what their responsibilities are as part of their technology community and furthermore understanding how to monitor and manage those behaviors.

Over time SWC has developed a rigorous approach to security assessments that consistently help our clients understand their current security posture as well as the changes they need to make in order to improve their position. As you may imagine, in some cases, we find ourselves engaged after an attack has occurred. These attacks are not at the size of the RSA hack but for our clients they are significant. Our goal is to get there before the attack and to prevent any from being effective in the future. The last thing we want is to see our client’s name in the next headline.