A good security defence is the best offence: Experts

Tips for creating policies that will keep the enterprise’s crown jewels safe

University of London Professor Paul Dorey and Black Swan Consulting director, Keith Price.

University of London Professor Paul Dorey and Black Swan Consulting director, Keith Price.

Rather than talking about how secure your enterprise is, IT executives need to own up to the fact that it is insecure and take defensive steps, according to two security experts.

Speaking at the Cyber Security Summit 2012 in Sydney, Black Swan Consulting director, Keith Price, and University of London CSO confidential and security faculty, Professor Paul Dorey, provided delegates with a number of strategies to improve security from within the corporation.

Read more from the Summit: AFP assistant commissioner calls for data retention laws

Get the right security tools

According to Price, IT executives need to resign themselves to the fact that they cannot protect attacks, only detect them.

“In order to detect them you are going to need very complex, expensive and sophisticated tools to discern an attacker’s traffic from the normal traffic that already exists in your environment,” he said.

“To be able to respond, you’re also going to need a series of well-rehearsed scenarios and respond lightning fast.”

Professor Dorey added that the hardest thing for CSOs and CIOs is getting security resources for the operation component because costs inside organisations are under huge scrutiny.

He said that buying the technology is a start but the real problem is the cost of the staff to do the analysis and resourcing.

“Staff can be hard to get hold of and most budgets can’t withstand that level without executive management standing up and backing it.”

Enterprise defensive action

According to Price, enterprises need to be more defensive, find out the “crown jewels” of information that the business runs on and protect the assets from within.

“Stop talking about how secure you are because you’re not. Start talking about how insecure you are and deal with the problem of insecurity.”

Identifying attackers

Professor Dorey suggested that IT executives build up information on cyber criminals gathered from law enforcement agencies or other legitimate sources.

Price agreed as one of the ongoing issues for corporations in trying to deal with groups such as Anonymous is that, “we don’t know who they are or where they are based.”

“Like we saw recently with the AAPT data breach, they’re going to post information up that they gather without any rules,” he said.

“We’ve got one set of rules that companies have to follow and then we’ve got an adversary that wants to expose information because they want to punish you for transgressions that they think you’ve done.”

Price added that executives should take the time to look at reports such as the Verizon data breaches report which will inform them of what is happening.

“SQL injection and cross site scripting are two of the most common attacks used by cyber criminals so check your public website for these type of attacks,” he said.

Follow @CSO_Australia and sign up to the CSO Australia newsletter.

Join the CSO newsletter!

Error: Please check your email address.

More about AAPTAAPTAPTUniversity of LondonVerizonVerizon

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Hamish Barwick

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place