The information security profession certainly gets its fair share of media coverage, particularly in recent years. It seems that nearly every week we hear of the latest big breach, the newest attack technique, or yet another critical vulnerability.
There is no shortage of hype, but hype isn’t particularly helpful to information security professionals looking to solve real-world problems. Given the attention many of us get from executives and boards, how can information security professionals in a small or medium-sized business remain focused on the right challenges?
Although there are many potential approaches to this question, I think that it makes sense to get back to basics. What do I mean by that?
Security is first and foremost about mitigating, managing, and minimizing risk with the understanding that risk in a business environment can never be eliminated.
If we look at the risks and threats facing small and medium-sized businesses today, the majority of them involve theft of confidential, sensitive, or proprietary information from the business. Theft of this coveted information can obviously cause great damage and loss to the business, as we’ve seen in the recent past.
How can this approach of getting back to basics help us stay focused? The best way to prevent theft of critical data is to stop the activity that is designed to steal it. This involves a mixture of good security hygiene (prevention), along with the ability to identify (detect) and eradicate (respond to) the illicit activity.
When we look at all the buzz around the breaches, attack techniques, and vulnerabilities I mentioned above, we see that a common thread runs through all of them.
There is no doubt that attack techniques, vectors, and media have changed, and will continue to change over time. It’s important to remember, though, that almost all breaches that have made big news began as a simple intrusion into an endpoint.
That simple intrusion remained undetected, and like a snowball rolling down a hill, became a bigger and bigger problem.
SOURCE: Biz Journals
Joshua Goldfarb is chief technology officer, Emerging Technologies, at FireEye and has more than a decade of experience building, operating and running security operations centers. Previously, Goldfarb served as the chief of analysis for US-CERT, where he built and subsequently ran the network, physical media and malware analysis/forensics capabilities. Goldfarb holds both a B.A. in physics and an M.Eng. in operations research and information engineering from Cornell University.