Football and Hacking

Think football.  The hackers are the other team.  The one wanting your data or to do damage to you.    They have different plays they run such as: denial of service (DDos) attacks, phishing / spear phishing, malware, social engineering, software / hardware flaws and/or insider threat.

You or your team (the home team, the good guys) need to stop the offensive or the bad guys win.  These are the things that can be done to prevent a cyber security breach.  They include: training/education, policies, law enforcement agreements, information sharing, threat intelligence, hardware/software, current patches and techniques to improve security, encrypted data and hard drives and phones, and counter intelligence.  Many of these will be covered in future posts. The reason defense is so hard is that the bad guys need to find a single opening while you have to defend hundreds or thousands of points in your network.

After an successful attack (post game), these are the things that must be addressed: forensics, legal, insurance (hopefully purchased before the attack), damage assessment, and target cleanup/validation.  In addition, one must examine policies and defenses to figure out what went wrong and how to do a better job next time.

 

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s