Whilst the popular media perception is that IT security defenses are there to protect an organization’s digital assets from external attack, the reality is that a large number of incidents are the result of internal threats compromising the firm’s data. More and more cases revolve around a hacker gaining entry through ‘back doors’ into your computer, they could be anywhere on the net certainly outside your jurisdiction even if you ‘caught’ them.
But it gets worse, as an increasingly common hacker methodology is to crack the security of one company and use that system as a launch pad to hack into other systems. The liability for all attacks including ‘secondary’ attacks lies with the CEO who has allowed – either directly or indirectly – his/her company systems to be misused in this manner.
The problem of inter-linked computer systems is a growing one, as the larger the company, the more reliance it places on computers and connections. These connections are the lifeblood of the cybercriminals, who tap into the fact that the privilege levels of user IDs that interconnect with third-party systems invariably tend to be higher than direct external accounts.
We often find that following a data breach, it becomes apparent that not only was the organization’s security lacking and poorly configured, but there is often a lack of understanding amongst senior management as to what the role of IT security is within the business.
The reality, as our research team has discovered, is that fraud normally comes from the inside!
One of the most interesting aspects of dissecting a given security breach is how often, apart from the breach itself, the hacker has been able to get inside the company’s IT systems. This has the potential to be even more damaging because in the build up to the data breach, most cybercriminals operate in `stealth mode’ and can therefore milk the company’s finances for a lengthy period before they are rumbled. This means that, for almost all organizations, enhancing the IT security of the company – by ensuring it is maintained as up-to-date as automatically possible – is an absolute necessity.
Of course, the degree to which protection is needed is a matter of balancing risk and cost, and this equation is a unique business decision as with any other senior management process. The next step on the road to deploying effective IT security is to ensure it is working properly, and stays that way. This is a stumbling block that many companies fall at, as frequent verification checks on the efficiency – and efficacy – of an IT security platform need to be made. Whatever the system there is only one way to validate against KNOWN threats, and that is to play those threats in a controlled way, through the company’s actual live prevention set-up.
In an ideal world, it would be possible to remediate all threats, but in the real world, this would significantly slow the IT system down, meaning that a compromise between threat checking and system performance is usually required. By using an optimum configuration validation system, you can get the best of both worlds.
CEOs are not only responsible for the effect of attacks to their own IT systems, but they are responsible for hackers who use their system to attack others. Your defenses need to be up at all times, not just when audited or it will be the audit that shows you where you may have been slowly bleeding to death!!