For business and government, cyber security is the new arms race. We defend, and the enemy counters. We respond, and so do they. The cycle escalates in perpetuity.
A strong cyber defense is an integral part of good IT operations. Operate and defend are effectively two sides of the same coin: a denial-of-service (DoS) attack is still an attack whether it comes from an external source or results from an error in your own IT department. You need to be able to respond to both effectively and have a clear understanding of the routes, or attack vectors, through which the breach occurred. Whether it’s a malicious attack or an error, you’ll need the same business continuity and disaster recovery plans and capabilities in place.
To truly understand the potential attack vectors, you first need to have total visibility of all the assets on your network and their current status. As part of the process, you will need to evaluate the network paths across all systems and telecom carriers. While asset classification and identification are among the less glamorous aspects of information security, they are as essential to it as they are to good IT operations.
The disturbing fact is that very few organizations have such a detailed understanding of their networks. Bad guys get in because they get to know your network a lot better than you do. They discover vulnerabilities and cut through those points like a hot knife through butter.
To my mind, the safest approach is to assume that you have been compromised and work on what needs to be done to address this. I call this approach Cyber Defense in Depth.