A good security defence is the best offence: Experts

Tips for creating policies that will keep the enterprise’s crown jewels safe

University of London Professor Paul Dorey and Black Swan Consulting director, Keith Price.

University of London Professor Paul Dorey and Black Swan Consulting director, Keith Price.

Rather than talking about how secure your enterprise is, IT executives need to own up to the fact that it is insecure and take defensive steps, according to two security experts.

Speaking at the Cyber Security Summit 2012 in Sydney, Black Swan Consulting director, Keith Price, and University of London CSO confidential and security faculty, Professor Paul Dorey, provided delegates with a number of strategies to improve security from within the corporation.

Read more from the Summit: AFP assistant commissioner calls for data retention laws

Get the right security tools

According to Price, IT executives need to resign themselves to the fact that they cannot protect attacks, only detect them.

“In order to detect them you are going to need very complex, expensive and sophisticated tools to discern an attacker’s traffic from the normal traffic that already exists in your environment,” he said.

“To be able to respond, you’re also going to need a series of well-rehearsed scenarios and respond lightning fast.”

Professor Dorey added that the hardest thing for CSOs and CIOs is getting security resources for the operation component because costs inside organisations are under huge scrutiny.

He said that buying the technology is a start but the real problem is the cost of the staff to do the analysis and resourcing.

“Staff can be hard to get hold of and most budgets can’t withstand that level without executive management standing up and backing it.”

Enterprise defensive action

According to Price, enterprises need to be more defensive, find out the “crown jewels” of information that the business runs on and protect the assets from within.

“Stop talking about how secure you are because you’re not. Start talking about how insecure you are and deal with the problem of insecurity.”

Identifying attackers

Professor Dorey suggested that IT executives build up information on cyber criminals gathered from law enforcement agencies or other legitimate sources.

Price agreed as one of the ongoing issues for corporations in trying to deal with groups such as Anonymous is that, “we don’t know who they are or where they are based.”

“Like we saw recently with the AAPT data breach, they’re going to post information up that they gather without any rules,” he said.

“We’ve got one set of rules that companies have to follow and then we’ve got an adversary that wants to expose information because they want to punish you for transgressions that they think you’ve done.”

Price added that executives should take the time to look at reports such as the Verizon data breaches report which will inform them of what is happening.

“SQL injection and cross site scripting are two of the most common attacks used by cyber criminals so check your public website for these type of attacks,” he said.

Follow @CSO_Australia and sign up to the CSO Australia newsletter.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Follow our new CSO Australia LinkedIn
Follow our new social and we'll keep you in the loop for exclusive events and all things security!
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

More about AAPTAAPTAPTUniversity of LondonVerizonVerizon

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Brand Page

Stories by Hamish Barwick

Latest Videos

More videos

Blog Posts