Change your mindset – YOU are the attacker

Categories: Trusted Identity

It seems that for many years, probably forever, security professionals have behaved in a totally reactive way when it comes to data breaches. For example, if a breach was identified and it was determined that the cause was a lack of user education, then the team would try to educate the user. This whole model is flawed: we are behaving and acting like victims because we really can’t see the who, what, when, where and why of the attacks we are going to be targeted with. We need to move from defence to offence when it comes to protecting ourselves.

To be in the mindset of an attacker you need to have answers to the following fundamental questions:

  1. What are your most valuable assets? Where are these assets? How can they be accessed?
  2. If you were the attacker how would you spread malware? And who are the most ‘vulnerable’ targets in the organization?
  3. Do you have a view on the ‘normal’ behavior of your organization (people, behavior, locations and systems)?

As outlined in my previous blogs, these aren’t new questions; they are the absolute basics of any sound security program, yet we seem to get them wrong all the time and fall victim to attacks. So, it’s time to get on the offensive.

Here’s a quote from Sun Tzu, the ancient Chinese general who, even in those days, understood really sound security strategy:

‘It has been said before that he who has known both sides has nothing to fear in a hundred fights; he who is ignorant of the enemy, and fixes his eyes only on his own side, conquers, and the next time is defeated; he who not only is ignorant of the enemy, but also of his own resources, is invariably defeated.’

Author: Rashmi Knowles

Rashmi is Chief Security Architect at RSA, The Security Division of EMC. In her role Rashmi is responsible for Technology and Compliance Solutions for the EMEA region. Her current responsibilities include working with customers in a Trusted Advisor role, thought leadership for emerging technologies, acting as key spokesperson in the region for RSA’s Virtualisation and Cloud strategy and Compliance Solutions, and serving as a subject matter expert on Data Loss Prevention and Encryption Solutions. Rashmi has over twenty years’ experience in data communications and mobile communications and has focused on Information Security for the last 15 years. Rashmi holds a degree in Computer Science from De Montfort University and a Post Graduate qualification in Computer Studies from the University of the South Bank, London.