Kirk Patrick Samuda, Kirk Samuda, Hacking and Intrusion
I read an article written by Mr. Mathew J. Schwartz, dated March 12, 2012, for InformationWeek via darkreading.com, and, pondering the strength of the subject matter discussed, I asked myself the question: when does attack prevention begin? The question is abstract, yet it requires that careful thought be exercised when approaching information security breaches and how to prevent attacks; a technological melancholy with very expensive associations.
According to Mathew, “It is very important for companies to consider the smartest ways to first detect, block, and subsequently investigate employees with malicious motives”; joined to a vigorous external process that outlines preventative mechanisms that are designed and implemented around an ERP that is based on a review of hundreds of attacks. Hence the best way to identify, then possibly prevent, an internal or external attack is to start with a security audit specifically created as a countermeasure; simply, an attack prevention program.
For any information security audit to be effective, with the intent to prevent or reduce attacks, it is absolutely necessary to be proactive and first create an insider threat program that reinforces the fundamental purpose of the CIA triad, which highlights information confidentiality, and how protection of company assets is most vital to the preservation of authorized restrictions on how information is accessed and disclosed. “Never allow any type of attack, successful or otherwise, to go undocumented or wasted. If you experience an attack, learn from it.”

For example, let us analyze an information security breach case of a financial corporation that caught an employee trying to steal very private company trading algorithms. Accountability and authenticity must immediately be exercised to ensure that the employee is held accountable and that company property is not violated, and that immediate verification with transitional trust is exercised for the purposes of data integrity and security authentication. Upon identifying weaknesses within the security framework, an informed security team must immediately exercise new security measures, policies and protocols that reinforce the prior ones, to explicitly watch for similar types of attacks. As a result of the ROR improved steps, another employee was caught subsequently trying to copy the

It was very clear from Mathew Schwartz's writings that most insider attacks occur within a short period of time, especially when an employee conspires to steal intellectual property, which normally occurs within 30 days.
Fraud is usually an exception, because the monetary rewards normally lead to the perpetrator wanting to continue the attack indefinitely. Hence, it is very important once again to know that malicious employees are likely to launch an information security attack within 30 days of resigning or after they leave the company. As such, keep a close eye on departing or departed employees, and track their movements prior to departure by carefully monitoring their computer usage history files.
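The 30-day departure window described above can be turned into a simple review rule over access logs. The following is an added example, not code from this essay or from the Schwartz article; the users, paths, dates and log layout are constructed, and treating any activity after the last day as reviewable is an assumption.

```python
from datetime import date, timedelta

WINDOW = timedelta(days=30)  # the 30-day figure is the essay's

# Constructed sample data: users, paths and dates are hypothetical.
DEPARTURES = {"alice": date(2012, 3, 30), "bob": date(2012, 6, 15)}
SENSITIVE_PREFIXES = ("/srv/trading/algos/",)
EVENTS = [  # (ISO date, user, action, target)
    ("2012-03-05", "alice", "copy", "/srv/trading/algos/model_a.py"),
    ("2012-01-10", "alice", "copy", "/srv/trading/algos/model_a.py"),
    ("2012-04-20", "alice", "login", "/vpn"),
    ("2012-03-06", "carol", "copy", "/srv/trading/algos/model_b.py"),
    ("2012-06-01", "bob", "read", "/srv/public/handbook.pdf"),
    ("2012-07-20", "bob", "copy", "/srv/trading/algos/model_c.py"),
]


def classify(event, departures=DEPARTURES, window=WINDOW):
    """Return an alert reason for one event, or None if it needs no review."""
    stamp, user, _action, target = event
    last_day = departures.get(user)
    if last_day is None:
        return None  # no recorded resignation or departure for this user
    day = date.fromisoformat(stamp)
    if day > last_day:
        # Assumption: a departed account should be disabled, so any use is reviewed.
        return "activity after departure"
    if last_day - day <= window and target.startswith(SENSITIVE_PREFIXES):
        return "sensitive access inside departure window"
    return None


def flag_events(events=EVENTS):
    """Return [(reason, event), ...] for every event that merits analyst review."""
    alerts = []
    for event in events:
        reason = classify(event)
        if reason:
            alerts.append((reason, event))
    return alerts


if __name__ == "__main__":
    for reason, event in flag_events():
        print(f"{reason}: {event}")
```

In practice the departure dates would come from the HR system and the events from file-server or DLP logs, so the rule fires as soon as a resignation is recorded.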
Attack prevention analysis goes beyond simple security audits that typically attempt to exhaust security protocols and mechanisms. What is fundamentally necessary is for everyone involved with information and information security to adopt a security mindset and become profoundly aware of what an adversary is and how to identify vulnerabilities and threats, while exercising counter intuition as a prompt form of virtual defense against attacks. In conclusion, it is paramount for businesses to have effective security technology in place and to use it.
Identifying both internal and external vulnerabilities and threats is the responsibility of every employee. Most importantly, it is the primary responsibility of executive management to ensure that qualified security engineers are employed to collaborate with I.T. in creating a centralized ERP that pinpoints signs of information infiltration and data exfiltration, which is basically an attack or intelligent threat that violates the security protocols of the system and the security policies of the company.