New York, NY (PRWEB) February 19, 2013
During last week’s State of the Union address, the President announced a new Executive Order squarely aimed at cyber security. But it was the five sentences preceding that announcement in his address which should have every US organization thinking long and hard about cyber security going forward. He said, “America must also face the rapidly growing threat from cyber-attacks. We know hackers steal people’s identities and infiltrate private e-mail. We know foreign countries and companies swipe our corporate secrets. Now our enemies are also seeking the ability to sabotage our power grid, our financial institutions, and our air traffic control systems. We cannot look back years from now and wonder why we did nothing in the face of real threats to our security and our economy.” A professional, comprehensive cyber threat assessment by Global Digital Forensics can establish a valuable baseline to direct focus on any weak areas in a client’s cyber security posture so it can be significantly improved and strengthened to face today’s threats.
But it shouldn’t take a Presidential speech to motivate US organizations to get serious about cyber security, it only takes simple logic to realize that protecting ESI (Electronically Stored Information) has never been more critical. The sheer volume of what’s kept in digital form today, from intellectual property and other corporate secrets, to sensitive client and vendor information, coupled with commonplace reliance on the many forms of electronic correspondence like texting, emailing and social networking platforms, has certainly upped the ante when it comes to both cyber attack vulnerability and the potential consequences of a successful attack.
“We hear about advancements in technology on an almost daily basis, but when was the last time you heard about technology in retreat? Never. And it’s the same story when it comes to cyber threats,” said Joe Caruso, founder and CEO/CTO of Global Digital Forensics. “More information is in digital form than ever before, and often, that’s the only form it’s in. That means more tantalizing targets for cyber attackers and more toxic fallout to deal with from any successful attack. To survive on the digital frontier, it takes a mix of adaptability and flexibility, a bit of foresight, a bit of hindsight, a firm dedication to security and a concrete plan. But the very first step to improving cyber security is to see where you stand right now, today. That’s what a cyber threat assessment is all about ”
“We’ve been responding to cyber emergencies and helping organizations of all sizes improve their cyber security posture for years. We know that cyber threats are cumulative, and by that I mean you have to protect against all of yesterday’s threats, defend against today’s threats and anticipate the threats of tomorrow. Our cyber threat assessments are designed to put that threat landscape into focus and see exactly where the client is starting from in order to put together a plan to go forward which is suited to their unique needs.“
What’s involved in a cyber threat assessment?
“A full, professional cyber threat assessment is a mixture of a lot of components. We start by reviewing the current policies and procedures in place relating to cyber security and incident response, if they exist, and we help clients design and implement them if they don’t . Then we take a look at any unique regulatory challenges they may face and where they currently stand on compliance, reporting policies and whatever else may be involved in their specific industry. Then we get to the fun stuff, the penetration testing. That’s when we attempt to hack a network just like a real-world attacker would, using our diverse experience with cyber threats and a healthy dose of tradecraft. We also incorporate a very realistic social engineering testing component which, depending on client’s digital information architecture, can include setting up a full dummy site that looks like a valid corporate site and launching phishing and spear phishing attacks to gain access to credentials and other sensitive information, or using a host of clever methods to see if we can get an “infected” USB stick plugged into an internal system or network which would serve as the launching pad for a malware, spyware or virus infection attack if a real attacker were able to do it. And we don’t forget about all those other digital devices that may be part of the security picture, like smartphones and tablets, as BYOD (Bring Your Own Device) practices increasingly become more commonplace.”
“Cyber threat assessments should be done regularly to see how well an organization’s cyber security posture is holding up to the ever-evolving threats they face. Otherwise, it’s like relying on a doctor’s checkup from years ago to determine how healthy you are today. “
*Global Digital Forensics is a recognized industry leader in the fields of cyber security and emergency incident response, with years of experience assisting clients in the government, banking, healthcare, education and corporate arenas. For a free consultation with a Global Digital Forensics specialist, call 1-800-868-8189 about tailoring a plan which will meet your unique needs. Emergency responders are also standing by 24/7 to handle intrusion and data breach emergencies whenever and wherever they arise. Time is critical if once a cyber incident has occurred, so don’t hesitate to get help. For more information, visit http://www.evestigate.com.