Thinking like a cyber adversary
Cyber sleuths seem to always be one step ahead, for every new vulnerability patched or malware discovered there’s another new attack bubbling away quietly under the surface. Trying to keep up, let alone stay ahead, of the never ending stream of possible attacks and compromises isn’t easy. So in a world of sensitive data and tightening regulations what’s an organisation to do?
The answer lies in innovation, in thinking differently about cyber security, in trying to think like your cyber adversary.
Whether it’s a nation state hacker or your average cybercriminal, any adversary worth their salt will study your organisation. They’ll want to understand what it’s digital footprint is, where you use online applications, how frequently employees log on and how long for, how big different departments are, if there’s new employees, if they’re determined enough they’ll even scope out your physical security – asking seemingly innocent questions of staff on the door or receptionists on the phone. All of this with one goal in mind, finding a route into your organisation.
Gone are the days of cyber attackers using just brute force attacks to gain entry. Today’s adversary is far slicker, combing the newest of digital attack methods with social engineering to gain access to the information they want. It’s all about blending in so much you wouldn’t ever notice them until it’s too late.
So if you want to stop a savvy cyber adversary, you better start thinking like one when it comes to the protection you put in place. From antivirus through to threat intelligence and pen testing, modern cyber security tools are the front line defence in the cyber security battle. Alongside these tools it’s imperative that you also have the most comprehensive view possible of your organisation.