Lessons in Security Development from Russian Hacking

There is a lot of discussion about whether we should investigate the constant attacks more thoroughly.

When looking at this from the perspective of what matters to the common organization, we need to understand two things:

1. If an attack occurs on your organization, do you have the ability to adequately prevent or detect it?

One of the big reasons reported breach numbers keep growing is that the organizations being attacked have implemented few detective safeguards, so they cannot tell exactly how much exposure they actually had. In that situation, standard practice is to report the full potential data loss, even when that is not the actual scope of the breach.

Make sure that you first understand what security means in your organization, and then balance your security efforts between preventive safeguards in your environment and detective ones.

2. If an attack occurs on someone else, such as another company, do you have enough detective safeguards to demonstrate that you had nothing to do with it?

Maybe Russia has these safeguards and hasn't talked about them. Maybe it doesn't and wishes it did.

In the organizational context, if you do business with another company, you need the ability to know whether your company did something that could impact the other.

For example, if you have a direct business-to-business connection with another organization, you need to be able to detect whether someone used that connection to attack your partner. That way, if the other company comes back to you, you can show that the attack did not come from your side.
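One concrete form of that detective safeguard is to log every flow on the partner link and compare it against the flows the two companies actually agreed on, keeping a timestamped record of anything else. The following is an added example, not code from the original post: the log format, the IP addresses, the host roles and the set of agreed flows are all constructed for illustration, and a real deployment would read the firewall or VPN concentrator's own export instead. The same kind of evidence is what lets you scope your own exposure under point 1 rather than reporting the worst case.

```python
"""Detective control for a business-to-business (B2B) link: check every flow
logged on the partner connection against the flows the contract allows, and
keep a timestamped evidence record of anything else.

Added example, not code from the original post. The log format, addresses
and allowed flows below are constructed for illustration."""

from dataclasses import dataclass
from datetime import datetime
import json

# Constructed firewall export for the partner link, one record per line.
# Fields: ISO timestamp, source IP, destination IP, destination port, protocol, action.
SAMPLE_LOG = """\
2017-02-01T08:00:12Z 10.10.5.21 172.16.40.10 443 tcp allow
2017-02-01T08:00:15Z 10.10.5.21 172.16.40.10 443 tcp allow
2017-02-01T08:03:40Z 10.10.5.22 172.16.40.11 1433 tcp allow
2017-02-01T09:15:02Z 10.10.5.99 172.16.40.10 22 tcp allow
2017-02-01T09:15:03Z 10.10.5.99 172.16.40.12 22 tcp allow
2017-02-01T09:15:04Z 10.10.5.99 172.16.40.13 22 tcp deny
2017-02-01T09:20:00Z 10.10.5.21 172.16.40.10 443 tcp allow
"""

# Flows agreed with the partner (hypothetical): which of our hosts may talk
# to which of theirs, and on which port.
ALLOWED_FLOWS = {
    ("10.10.5.21", "172.16.40.10", 443),   # our integration server -> their API
    ("10.10.5.22", "172.16.40.11", 1433),  # our ETL host -> their reporting DB
}


@dataclass(frozen=True)
class Flow:
    ts: datetime
    src: str
    dst: str
    dport: int
    proto: str
    action: str


def parse_log(text):
    """Parse the constructed log format into Flow records."""
    flows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, src, dst, dport, proto, action = line.split()
        when = datetime.fromisoformat(ts.replace("Z", "+00:00"))
        flows.append(Flow(when, src, dst, int(dport), proto, action))
    return flows


def find_unexpected(flows, allowed):
    """Return every flow on the link that is not in the agreed set.

    Denied flows are included on purpose: an attempt the firewall blocked is
    still evidence of which host tried what, and when."""
    return [f for f in flows if (f.src, f.dst, f.dport) not in allowed]


def evidence_record(flows, allowed):
    """Summarize what the link carried so it can be shared with the partner:
    a count of agreed flows plus the full detail of anything else."""
    unexpected = find_unexpected(flows, allowed)
    return {
        "total_flows": len(flows),
        "agreed_flows": len(flows) - len(unexpected),
        "unexpected_sources": sorted({f.src for f in unexpected}),
        "unexpected": [
            {"ts": f.ts.isoformat(), "src": f.src, "dst": f.dst,
             "dport": f.dport, "action": f.action}
            for f in unexpected
        ],
    }


if __name__ == "__main__":
    report = evidence_record(parse_log(SAMPLE_LOG), ALLOWED_FLOWS)
    print(json.dumps(report, indent=2))
```

With this record in hand, the answer to "an SSH sweep hit us from your side at 09:15" is a specific host and timestamps rather than a shrug, and on a quiet day the same record shows the link carried nothing but the agreed flows. The allowlist needs to be maintained as the business relationship changes, or the report fills with legitimate traffic and stops being read.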


Acting on these ideas isn't difficult, but it does take some planning and thinking up front to get right.

This is why we believe 2017 is the year of security program development. The best place to start is with your projects and relationships with business partners, or anywhere your organization accesses, transfers or stores another organization's information on its behalf.

