Before Focusing on Advanced Cyber Threats, US Businesses Better Have Their Cyber Security Basics Well Covered

Protecting an organization’s ESI (Electronically Stored Information) from sophisticated and advanced cyber threats can seem like a daunting mountain to climb, but according to Verizon’s 2013 Data Breach Investigations Report, US businesses need to spend a lot more time handling the simple threats first. Global Digital Forensics founder and CEO, Joe Caruso, weighs in on the report and the importance of having at least the basics of cyber security very well covered before concentrating on the high end of the spectrum.




New York, NY (PRWEB) May 02, 2013

There is no shortage of headline-making stories that involve advanced cyber threats, from now-famous attacks like Stuxnet and the Flame virus, to sophisticated and organized players like Anonymous, to state-sponsored cyber warfare units with deep pockets like China’s Unit 61398 out of Shanghai, which are just a few among many. But Verizon’s 2013 Data Breach Investigations Report (DBIR), which just came out last week, clearly shows that the success of even simple attacks, and the staggering longevity of these compromises before they are ever detected, are areas that need serious improvement across the board if US organizations want to survive the assault that comes with doing business in our digital world. Joe Caruso, founder and CEO/CTO of Global Digital Forensics (GDF), took some time to weigh in on the report and the importance of focusing on the basics first.

First step, judging the cyber threat landscape.

“One-size-fits-all solutions may be great for many things, but cyber security is absolutely not one of them. Because like the report pointed out, different industries typically face different threats. A manufacturing company, for instance, is probably a lot more worried about keeping designs, secret manufacturing techniques and other intellectual property (IP) safe and secure. A restaurant should probably be a lot more concerned about securing their POS (Point of Sale) systems to make sure they are keeping their customers’ credit card information from falling into the wrong hands. Financial institutions, on the other hand, have the entire gauntlet of threats to face, from brute-force cyber smash-and-grabs and spear phishing campaigns, to distributed denial of service (DoS) attacks which are launched to incapacitate their websites and make accounts unavailable to their clients, and everything in between. Hospitals, universities and retailers have their own ghosts to face as well. But one thing you can be sure of, if you have cyber “gold” of any kind to mine, there are always attackers with their noses pressed up against the glass just licking their chops for an opportunity to capitalize on any exploitable hole they can find. Our cyber threat assessments are designed to look at the big cyber security picture, from understanding and mapping the entire digital infrastructure and how the data flow interacts with business functions, to determining which threat vectors are likely to be the most problematic and prioritize them accordingly. We also thoroughly review cyber security policies and procedures already in place to identify weaknesses and help clients remediate them, or we help create them if none exist.”

Step two, penetration testing.

“The importance of comprehensive penetration testing cannot be overstated. You can talk to clients until you’re blue in the face, you can show mountains of statistics and you can pull out countless headline stories about successful cyber attacks and the long term financial ramifications victimized organizations have endured, but it still won’t sink in. But run a successful penetration test and eyes will open. It’s the cyber equivalent of a live-fire exercise and just like in the military version, it stresses every system with attacks that simulate real-world incidents to identify weaknesses. When we launch one of our realistic phishing or spear phishing campaigns, for instance, and get seventy, eighty or ninety percent of the company’s employees to divulge their credentials, everyone from the employees and managers, to executives and owners get the message loud and clear. Because if it was a real attacker, they would have had complete access to the entire network to do, well, anything they want. And we pull out all the stops with tradecraft honed by two decades of experience. We’ll set up dummy websites which look like the real thing to entice our targets, we’ll employ a variety of social engineering techniques to bypass air gaps on segmented systems and deliver payloads using things like USB sticks, we’ll leverage WiFi and Bluetooth connections from smartphones and tablets which have exploded onto the scene, and a whole host of other proven methods and techniques we have in our arsenal to infiltrate the client’s unique digital architecture. And when you can show someone how they were just victimized and how to avoid it in the future, the lessons stay with them for a very long time. That alone is a huge step towards the ultimate goal of effective cyber security.”

Getting hacked – you may have an app for that.

“Applications can certainly make life a lot easier in the digital world, so it’s no wonder they keep coming out at a breakneck pace. Whether they are Internet or cloud-based applications, phone apps or simply internal applications to make things run more smoothly, they are also a preferred gateway for cyber intruders. The reasoning is simple. Application designers are typically not cyber security experts. Their focus is generally on functionality, and once they get that down the product gets rushed to market. Needless to say, it is not at all uncommon for many of these applications to have security holes right out of the box which can easily be exploited, and that can be like having an unlocked revolving door which leads right into your network, giving intruders complete access to your most sensitive electronically stored information (ESI). Our application security testing exposes those kinds of vulnerabilities so you, your customers, vendors and employees can use them with confidence and enjoy their benefits instead of suffering catastrophic consequences.”

Surviving a cyber emergency is all in the response.

“There is a harsh dose of reality that must be faced when it comes to cyber security; there is no such thing as perfect protection, and any cyber security “expert” that tells you different is simply lying. The reality is that playing offense on the cyber battleground is a lot easier than playing defense. Internal IT security personnel have a million holes to plug, but an attacker only needs to find one to exploit. That’s why GDF has a network of experienced cyber emergency incident responders available 24/7 that are strategically positioned across the country, and the globe. Our responders can be onsite in hours, not days, to identify, isolate, secure and investigate security breaches. We have also developed specialized tools to immediately begin the process remotely in many cases as soon as we receive your call. Not only will taking the right approach to handling a cyber emergency help you contain the actual damage from the attack and the inevitable aftermath, but it will also go a long way towards calming nervous clients, vendors and investors, as well as satisfying many regulatory compliance headaches.”

The dangerous sink-or-swim world of cyber intrusions, data breaches and other cyber attacks is fluid and constantly evolving. Trusted cyber security professionals like Global Digital Forensics can go a long way towards keeping you afloat. So don’t wait to take control, or you may just become another grim statistic.

*Global Digital Forensics is a recognized industry leader in the fields of computer forensics, electronic discovery (eDiscovery), cyber security and emergency incident response, with years of experience assisting clients in the government, banking, healthcare, education and corporate arenas. For a free consultation with a Global Digital Forensics specialist, call 1-800-868-8189 about tailoring a plan which will meet your unique needs. Emergency responders are also standing by 24/7 to handle intrusion and data breach emergencies whenever and wherever they arise. Time is critical if a cyber incident has occurred, so don’t hesitate to get help. For more information, visit http://www.evestigate.com.