Yesterday’s Leadership Daily Advisor discussed the increasingly corporate focus of cyber threats. Today we outline ways to beef up your own organization’s threat defense to help protect the most important information assets you maintain.
Information technology (IT) giant Cisco’s 2017 Annual Cybersecurity Report studied the actions of 3,000 organizations and their security practices. It found that many have made a number of defensive moves, including separating IT and security functions (done by 38%), increasing security awareness training for employees (38%) and implementing risk mitigation techniques (37%).
In addition to reviewing security practices, such as patching and controlling access points to network systems, applications, functions and other data, make sure you’re covering all the bases by applying an established risk identification tool.
Model a Threat Exercise
Rate the threats that your top-rated information assets face. Many organizations base their method on Microsoft’s STRIDE threat-classification model to better gauge the probability of certain risks. The name is simply an acronym for the following six threat categories:
- Spoofing identity, for example illegally accessing and then using another user’s authentication information, such as username and password.
- Tampering with data, which can involve unauthorized changes made to information held in a database—plus the alteration of data as they flow between two computers over an open network, such as the Internet.
- Repudiation, or threats associated with users who deny performing an action without other parties having any way to prove otherwise. Example: Someone performs an illegal operation in a system that lacks the ability to trace it.
- Information disclosure—that is, to people who aren’t supposed to have it. This can occur when users read a file they shouldn’t have access to, or an intruder reads data in transit between two computers.
- Denial of service, which can happen by making a Web server temporarily unavailable or unusable.
- Elevation of privilege, in which an “unprivileged” user gains “privileged” access—at a level high enough to compromise or destroy the entire system. This is an especially dangerous situation, as the attacker effectively manages to get through all your defenses, becoming part of the trusted system itself.
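To make the rating exercise concrete, here is a small worksheet script, added as an illustration and not part of the original article or of Microsoft’s STRIDE material. The asset names, the 1-5 likelihood and impact scales, and the likelihood-times-impact score are assumptions; the security property paired with each category is the commonly cited mapping. It ranks threats across assets and reports any STRIDE category an asset was never rated against.

```python
# Added example: STRIDE rating worksheet (scales and scoring are assumptions).
STRIDE = {  # letter -> (threat category, security property it violates)
    "S": ("Spoofing identity", "authentication"),
    "T": ("Tampering with data", "integrity"),
    "R": ("Repudiation", "non-repudiation"),
    "I": ("Information disclosure", "confidentiality"),
    "D": ("Denial of service", "availability"),
    "E": ("Elevation of privilege", "authorization"),
}
ORDER = "STRIDE"

# Constructed sample input: asset -> {letter: (likelihood 1-5, impact 1-5)}
WORKSHEET = {
    "customer database": {"S": (3, 4), "T": (2, 5), "I": (4, 5), "E": (2, 5)},
    "public web server": {"S": (2, 2), "T": (2, 3), "R": (1, 2),
                          "I": (2, 3), "D": (4, 3), "E": (1, 5)},
}

def rank_all(worksheet):
    """Return (threats ranked by score, {asset: unrated STRIDE letters})."""
    rows, gaps = [], {}
    for asset, ratings in worksheet.items():
        unknown = sorted(set(ratings) - set(STRIDE))
        if unknown:
            raise ValueError(f"{asset}: not a STRIDE category: {unknown}")
        for letter, (likelihood, impact) in ratings.items():
            if not (1 <= likelihood <= 5 and 1 <= impact <= 5):
                raise ValueError(f"{asset}/{letter}: ratings must be 1-5")
            threat, prop = STRIDE[letter]
            rows.append({"asset": asset, "category": letter, "threat": threat,
                         "property": prop, "score": likelihood * impact})
        # A category nobody rated is a blind spot, not a zero risk.
        missing = [l for l in ORDER if l not in ratings]
        if missing:
            gaps[asset] = missing
    # Highest score first; ties broken by asset name, then STRIDE order.
    rows.sort(key=lambda r: (-r["score"], r["asset"], ORDER.index(r["category"])))
    return rows, gaps

if __name__ == "__main__":
    ranked, gaps = rank_all(WORKSHEET)
    for r in ranked:
        print(f'{r["score"]:>2}  {r["asset"]:<18} {r["threat"]} ({r["property"]})')
    for asset, missing in gaps.items():
        print(f"UNRATED for {asset}: {', '.join(STRIDE[l][0] for l in missing)}")
```

The unrated list matters as much as the ranking: an asset that was never assessed for repudiation or denial of service has an unknown exposure there, not a low one.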