Now that you've enlisted in the army sworn to protecting informaiton assets, you find yourself engaged in warfare against wiley cyber criminals that spend their time preying on the unprepared and the known vulnerabilities of systems and applications. Protecing information assets involves many best practices. In this follow up to his piece earlier in the week on cyberwarfare, Warren Axelrod provides an unorthodox practice improving preparedness. While it might be "out there" it sounds like fun!
From the desk of Warren Axelrod:
Here’s a suggestion: Why not sponsor some brainstorming sessions in which those who really understand the subject systems and processes try to imagine what an attacker might possibly do to breach the system, foil security. It’s a tough assignment.
Here are a couple of guidelines that might help:
· Research what has happened to others and make sure that you monitor for such behavior and implement defenses against anticipated attacks
· Extrapolate incidents from other environments, particularly in the physical world. Read some spy novels, crime stories and science fiction. See movies and videos such as “Live Free or Die Hard.” Some experts have called the latter far-fetched, and many of the exploits may indeed be over the top (such as Bruce Willis’s encounter with a jet fighter). But some of the fictional hacks contain elements of the possible. Collect those and insert them into your what-if scenarios.
Some have said that a good enterprise security management professional should think like a criminal. I think that’s a little extreme – there are plenty of real-life events retold by the media and plenty more that flow from the fertile imaginations of writers and filmmakers. Research is the key to preparedness. It’s more rewarding than trying to emulate the warped mind of the unknown attacker.
Powered by Compendium Blogware
Comments for Cyberwarfare - Protecting Information Assets