Catch a Thief by Being One: Let Us Get Started - Part I

The recent IT landscape has forced organizations to go online with every ounce of data they have. In the current scenario, data is everything, and if it is made public, securing and classifying it becomes a top priority.

When we talk about security, three basic elements, known as the InfoSec CIA triangle, come to mind: confidentiality, integrity and availability.

Every effort should be made to ensure these three things. There are many techniques to protect data and to ensure these in an organization, but the key point is that these three attributes of data must be protected.

Although these elements are so common, they are the most effective principles a security engineer can cling to. Now that we have discussed the basics of information security, let us get into the real discussion of catching a thief by being one.

The whole idea behind starting this series was to change the mindset of people who think that by deploying multiple security components, all the snags related to InfoSec will be resolved.

To detect an attack or an attempted attack, the security analyst has to think like the perpetrator: how will a hacker or attacker prepare for the actual attack, and how will he actually perform it? Once the question of “How” is answered, it will be a piece of cake for an analyst to put a control on the loopholes to stop the attack.

In this article, we will discuss different challenges one might face while securing an environment.

The very first thing an attacker does is identify prospective victims to estimate the maximum gain of data. The value of the data is also determined in this phase, as are the impact of the attack and the loss to the victims. The following are possible challenges an attacker puts in front of us:

  • Data leakage
  • Defacement
  • Mobile Security
  • Balancing the functionalities and Security
  • New emerging Malware
  • Business Interruption

These challenges are just a glimpse of the hurdles we are up against. There are many threats emerging daily in the IT landscape. The sophistication of cyber criminals and their style of attack is increasing every day, which puts us in a position where we have to keep learning about and exploring new vectors.

One of the most crucial challenges faced by most security experts is to strike a balance between the functionality of a system and its security. It is a golden rule of thumb that if you put more focus on securing the systems, functionality will be degraded, and putting more focus on functionality may demand exceptions in your foolproof system.

Another giant issue faced by a security engineer is vulnerability research, identification, distribution and closure. An attacker always looks for new vulnerabilities in IT systems; they do rigorous research to identify any new type of vulnerability, and once a vulnerability is identified, the exploit will be prepared immediately to make an unauthorized gain out of it.

The challenge here for security engineers is to keep up with the attackers. We also have to do the same level of research and analysis in search of any new open vulnerability in our network. Once the vulnerability is identified, we can easily find the closure mechanism for it. The only major issue is to keep the same pace in this activity as an attacker.

If a team can successfully anticipate future challenges, all the issues will be resolved before they appear. Although this is easily said, actually doing it is a lot tougher. One always has to keep oneself open to new areas to explore. I would like to quote the great scientist Stephen Hawking, who said, “The Greatest enemy of knowledge is not the ignorance, it is the illusion of knowledge”.

Authored by Punit Dwivedi
TCS Enterprise Security and Risk Management
