While fighting back against hackers and other cybercriminals trying to infiltrate a business may not be the best route, according to Michael Davis on InformationWeek, it is important for companies to have a method of data protection in place that works well. Battling against hackers may not work, and the old sports adage that the best offense is a good defense may hold true. Davis said one method of being proactively aggressive against cybercrime is having an active risk analysis setup that allows the business to see when and how attackers may strike.
Gathering intelligence is a tough task even for companies and agencies that have extra money, and it is made more complex by the fact that private sector IT departments don’t often share information that could help other businesses. Still, Davis said, companies can control their own network and gain knowledge of what is happening in their own company’s online presence.
“Conventional cyber defense involves security engineers trying to figure out what attackers can do, how they might break in and what system holes could be exploited,” he wrote on InformationWeek. “But this is where IT could learn from traditional engineering disciplines, which take a more proactive approach. For example, mechanical engineers are taught to approach problems using failure analysis. This technique involves identifying the conditions where a failure can occur instead of trying to figure out what failures can occur.”
As an example, he said to think of an explosion caused by an oily rag. Without the necessary oxygen, the rag and fire won’t cause an explosion, but most security engineers try to keep their networks from being harmed by looking at log data, or at the hacker, rather than finding the cause of the problem (i.e. the oily rag and oxygen).
How to start assessing risk
Baseline Magazine said the assessment process should be approached in steps. Looking at the healthcare industry, the source said organizations should look at their electronic health record system to make sure the environment around it can be secured, then evaluate the risks that are in place. After this, businesses can look to correct deficiencies that exist, maintain technology and processes over the long run and be sure to attest that the risk assessment has been completed.
“A comprehensive security plan also includes policies and processes on what to do in the event of adverse incidents, such as a network breach,” the magazine said. “A breach-management policy should describe the response and review steps that should be taken by all key staff members, including IT personnel, senior management and clinicians. Some incidents go unreported for the simple reason that people believe it is someone else’s responsibility.”
Data Security News from SimplySecurity.com by Trend Micro.