To wrap up my series on HORNE Cyber’s decidedly different approach to cybersecurity, I want to focus on the importance of maintaining a hacker mentality when testing the resiliency of network infrastructures.
Hollywood does a fantastic job of painting the picture of a cyberattack as all of your computer systems going down at one time with a big message on your screen saying "you've been hacked." The reality is, the majority of cyberattacks do not occur that way.
A recent study revealed that it takes financial institutions an average of 98 days to identify a cyberattack. If you think about that for a minute, banks are one of the most regulated industries and it takes them 3 months to recognize a threat. By the time they realize they have had an advanced persistent threat targeting their data, the damage is already done. Their customer, strategic, and other sensitive data has been breached and their reputation stands to become impaired.
The best way to understand how real hackers can steal your data is to conduct what we call advanced penetration testing. These tests focus on approaching an IT environment in the same manner as a true malicious user to uncover the same vulnerabilities they would identify.
The key benefit to this model is that it exposes vulnerabilities that are not publicly known. Penetration tests that rely on automated tools will not find the majority of these vulnerabilities. Automated tools use publicly available vulnerability databases populated by security researchers testing publicly available applications. Many organizations also deploy custom developed applications, which are not subject to the same level of security research as applications released by mainstream vendors.
By attacking and assessing networks just as a real advanced threat group would, advanced penetration testing more exhaustively assesses networks and applications to uncover issues before a real malicious attack hits the organization. By emulating an advanced persistent threat, your IT staff is empowered with actionable knowledge of what real threat groups, organized crime rings or nation states will see when they attempt to breach your organization.
In closing, in order to effectively mitigate the risks presented by evolving cyber threat actors, organizations must adapt cybersecurity testing approaches to emulate the threats that affect their resiliency every day.
For weekly insights into cybersecurity, please sign up here: