Think like a hacker. It seems so obvious but you might be surprised to hear that most cyber security professionals were taught to think about cyber security from a defensive standpoint. How to protect against a hacker’s attack versus asking the question, if I were a hacker how would I penetrate this network? Today, more than 90% of cyber technology expense is directed towards defense technology. The challenge is that current defensive tools are not flexible or dynamic enough to evolve and align with advancing hacking techniques.
I’ve spent my most recent professional career in cyber security beginning with an expansive career in the military, where I primarily led a classified cyber warfare group. In this capacity, I came to understand many aspects of cyber security that I later applied while establishing my cyber security start-up Pcysys.
Here are my top 3 tips that are paramount to keeping your organization secure and they all center around thinking like a hacker:
Tip 1: Think like a hacker. Always
This is the number 1 consideration. You must always think like a hacker when you are making decisions about your cyber defense. I thought about this in particular when hiring my cyber defense team.
During my time in the military, I was tapped to lead a cyber warfare group in the Israeli Defence Forces. The main objective of this unit was to test our network infrastructure to see how vulnerable our systems were to hacker attacks. My first order of business was to hire a team. I interviewed countless candidates with stellar backgrounds in computer science. I dismissed many of them. The hackers that wanted to penetrate our systems were relentless, skilled and bad-intentioned professionals, and I needed people that could think just like them and act just like they did. In short, I needed to hire a team that knew how to incorporate a hacker’s perspective; that could essentially be the hacker - a person that wouldn’t eat or sleep until they penetrated our own network. Knowing how we could attack our own systems would give us far more information to help us defend ourselves than merely fortifying our security defenses. I would encourage every company to have one member of their cybersecurity team whose dedicated roll is opposition focused and that person should possess a rebel mindset.
Being aware of how a hacker thinks and acts will keep you on the offense. And offense is always the best defense.
Tip 2: Validate your network frequently
The persistent nature of hacker attacks combined with today’s advanced exploitation techniques are such that they give hackers the ability to take advantage of vulnerabilities at any opportune time. This makes it nearly impossible to protect your organization using traditional cyber security methods.
We estimate that 80% of cyber defense will be automated in the coming years and it’s important for an organization to incorporate intelligent, machine-based defensive software that operates 24/7. The ability to perform, for example, machine-based penetration testing that continuously thinks and acts as hackers do, is the best way to make sure that businesses have their cyber defense line as tight and strong as possible.
Tip 3: Protect yourself on the inside
One of the main pillars of a comprehensive cyber security strategy is to build up and strengthen your defensive walls (firewalls, WAFs etc.) to keep hackers from getting in, but what many people in cyber security don’t realize is that most attackers are already inside. To protect your company’s crown jewels, you need to strengthen your security systems from within to prevent irreversible harm. If you follow some practical advice you can greatly reduce the likelihood of an attack:
- Least Privileges. By granting least privileges to users based on their required scope of work, you can limit a users ability to access your company’s crown jewels.
- Strong Passwords. Maintain a strong password policy. Passwords should be long, complex and non-trivial.
- Monitor and Challenge. Monitor and challenge your network on an ongoing basis. Doing this will give you an accurate read of your "security status" and be able to find out where are your critical vulnerabilities are.
This Blog first appeared in Cyber Defense Magazine Aug 2018
Arik Liberzon Founder and CTO Pcysys was founded by Arik Liberzon, who lead an Elite Cyber Warfare group at the Israeli Defence Force’s computer service directorate. His group was responsible for penetration testing into strategic asset networks and national mission-critical systems. Following a decade of mastering the Penetration Testing profession, Mr. Liberzon modeled his mastership of ethical hacking into software and together with the serial IT entrepreneur, Arik Faingold, founded Pcysys in 2015.