Blog

Five Steps You Can Take to Reduce a Hackers’ Advantage

Thinking like a hacker may help you prevent a future attack.

As Dark Reading points out in a recent article, most IT professionals live in a state of constant fear that their companies will be the target of the next high-profile security breach. One way to counteract that fear is to achieve continuous vigilance, or what the article refers to as continuous security validation. Most IT teams are reactive, addressing events as they occur, or worse, after the fact. Organizations need to change their mindsets and think of continuously challenging their security defenses.

In other words, IT teams need to think like hackers in order to anticipate the enemy’s next move. Start with the most direct question: What does the hacker want to steal? By running breach simulations centered around your most valuable assets, you can begin to establish a knowledge base of how hackers work and look for the most effective way to stop them from stealing credit card data, Social Security numbers, source code – whatever you’re protecting.

The goal is to reduce the hackers’ advantages by getting inside their heads based on the most recent threats. Let’s summarize these five steps that can help you turn the advantage to you.

  1. Use a hacker playbook. Start by understanding the path a hacker would use to infiltrate your network and extract something of value. Guides such as The Hacker Playbook gives practical tips for penetration testing, such as the best ways to run breach simulations that challenge your organization’s security defenses and learn if security gateways are adequately protected. Security managers need to incorporate comprehensive hacker breach techniques into their toolkits in order to anticipate increasing threats.
  2. Run simulations in a real environment. Network attacks are dynamic, so simulations in an actual production environment are the only way to know if someone can infiltrate your network. You’ll want to ensure that the hacking simulation challenges your defenses without having a real impact on your network.
  3. Focus on the kill chain. Analyzing your entire kill chain enables you to determine your weaknesses and the most effective way to stop a potential breach. If simulations show hackers can easily steal user privileges to gain access to the network, you may decide that focusing on the access layer makes the most sense. Identifying your most critical breach points means you can prioritize where you can most effectively break a step in the kill chain.
  4. Take a continuous approach to security. There are dozens, perhaps hundreds of hackers focused on infiltrating your network. What’s more intimidating is knowing they only have to succeed once while you have to succeed 100% of the time. Continually validating your security assumptions means never resting on your laurels when it comes to your people, processes, and technology. Keep asking these questions: Are your security controls working as expected? Is your security operations center ready for a breach? And, how often are you validating our risks? Some companies do it once a day, others run validations when they make modifications to security policies.
  5. Make a cultural shift with your security team. Traditionally, companies have a “red” team that mimics hackers exposing flaws in the network. This red team then reports issues to a “blue” team that manages security operations for them to be addressed, sometimes leveling blame. Better to implement a new mindset in which the red team continuously monitors the network, and works closely with the blue team to identify effective ways to reduce exposure to attacks.

While Observable Networks can help you discover imminent attacks with endpoint modeling, continuous security validation is equally critical to organizations like yours that need to achieve vigilance and a proactive mindset to combating hackers. Consider these five steps as an effective place to start if they are not already part of your security strategy.


Experience Dynamic Endpoint Modeling on Your Own Network

Getting better visibility into your network and improving your security couldn’t be easier. Sign up for a free, no-risk trial of Observable’s Endpoint Modeling solution, and change the way you see security.

Detect Threats Faster – Start Your Free, No-Risk Trial