SecurityWeek

Management & Strategy

How to Stop a Cyber Attack Before it Happens

One of the fastest-growing segments of the world economy is cybercrime. The opportunity is created by the inexorable digitization and interconnection of enterprises, both government and commercial, and is exacerbated by increasingly sophisticated and well-funded attackers. The modern IT security approach to countering this threat has been reactive, not proactive. Intrusion detection systems, firewalls, Web filters, anti-malware software and Patch Tuesdays represent the state of the art, and while there are a lot of great security products and technologies available, the concept of allowing connectivity to critical information and networks while trying to filter and detect malicious activity is fundamentally flawed. The black hats simply change tactics to circumvent defenses; they are always one step ahead.

Learn from Others’ Mistakes

Every day we hear reports of successful cyber intrusions, expansive private data disclosures, service outages and massive monetary losses. The inability to protect our critical digital resources acts as a collective drag on innovation and productivity; for example, consider how mobile devices and cloud computing are generally viewed as far too risky to trust with enterprise-critical data.

Clearly, the IT security world is in need of a proactive approach. Critical infrastructure must be built upon trustworthy computing platforms that can guarantee protection against even the most sophisticated attackers.

Do your Homework

How do cyber criminals get into the supposedly secure networks of enterprises? They typically exploit one of the thousands of vulnerabilities in the underlying operating system, web server or firewall that the enterprise uses as its security foundation. And many IT professionals never even bother to research the existence of these vulnerabilities, although the information is readily available by checking the National Vulnerability Database.

The first thing any organization should do when formulating a proactive approach to security is obtain independent affirmation of the level of security assurance of the technology they are going to deploy. There is one internationally accepted standard for evaluating IT security: ISO/IEC 15408, commonly known as the Common Criteria. The Common Criteria specifies levels of security assurance. Common enterprise software products, such as Windows, Linux, Android, VMware and Oracle, are certified at level 4+ or lower, a standard that is appropriate only against “inadvertent or casual attempts to breach the system security”. These are all wonderful, feature-rich products, but none of them were designed from the ground up to meet the highest levels of security.

In order to ensure maximum security, organizations should search out and deploy products rated at EAL 6+ High Robustness, the level of security that the US government specifies for protection of high value information against the most sophisticated and determined attackers. Level 6+ requires formal mathematical proof of security and detailed penetration testing – it requires vendors to actually prove that their products are secure.

What Not to Do

Adding filters and firewalls to insecure platforms is like attaching padlocks to a screen door. Inevitably, the criminals are going to find a way in, and when they do, they have a vast library of vulnerabilities in the platform with which to wreak havoc. One recent example is CVE-2009-2692, a flaw in the Linux kernel that enables user applications to take complete control of the computer. This vulnerability was recently discovered by researchers after going undetected for eight years within the Linux code base. For eight years the cyber criminals had a simple way to get into any Linux system deployed.

Ask the Experts

In addition to searching the Common Criteria evaluated products list to find the highest certified products, consult organizations such as the Cyber Secure Institute, a non-profit cybersecurity analysis and advocacy organization dedicated to increasing awareness of the need for trustworthy computing to CIOs and other IT professionals. The Institute is leading the charge for both the government and commercial IT communities in a worldwide demand for a higher security standard from computing infrastructure suppliers.

It’s no secret that the strained economic climate has put direct pressure on companies to reduce their investments in security technology. The beauty of investing in trustworthy platforms, however, is that certain technologies can actually lower cost while improving security. So, the best advice for IT professionals who want to stop a cyber attack before it happens is: Do your homework, and invest in technology that protects sensitive data from the inside out.

Tags: Cyber Security, IT Security Strategies, preventing cyber attacks, CISO strategy, CIO, ISO/IEC 15408
