Businesses and government organisations that are serious about their network security should either already have, or be planning to establish, a dedicated IT security team to ensure their end-users, developers and system administrators are alert to IT security issues, and to identify threats and assess the organisation's risk profile. All too often, though, these security teams lack technical skills and understanding, focusing predominantly on organisational policy and internal procedures.
The reality is that, although policy and procedures are absolutely necessary, they are mostly an ineffective way to mitigate the risk posed by black hat hackers, whose cyber attacks have become increasingly sophisticated and are carried out like a military operation, sometimes taking months from the initial breach of perimeter defences to identify valuable assets, escalate privileges and then complete the attack. These attacks rely on sophisticated technical knowledge to identify system vulnerabilities in the base operating system, applications and network protocols to achieve their objectives.
Add Technical Skills To Your Security Team
A good way to add technical skills and knowledge to your team, and to convert it from a security policy team into a tiger team, is to train staff as certified ethical hackers. These should be technical staff who already have good networking and/or application development skills and who can form part of a penetration testing and technical security team. The job of the team should be to:
- Investigate and solve technical and systemic problems,
- Carry out regular tests against the organisation's IT systems and infrastructure, identify weaknesses and vulnerabilities and report back to system owners,
- Scan the broader environment for developments, new threats and risks,
- Investigate breaches and recommend remedial action and steps to prevent future breaches.
With high-profile breaches such as eBay, LinkedIn and Target, and ongoing revelations about state-sponsored espionage, organisations should make sure they have the right people and skills to properly ensure the protection of their IT assets.