Attack Mitigation – Assume the worst

I have recently been catching up on what was happening at the RSA conference from San Francisco this year and what some of the key security trends are.  One thing that has jumped out is the move from ‘we can protect you’ to you are or will be hacked so what can we do to mitigate the damage and catch the malicious individual or group.

This has been coming for a few years with the increasing use of cyber-warfare by governments and the military, and the emergence of APT (Advanced Persistent Threat) where well funded criminal gangs will expend a lot of time, money and skill to gain long term and potentially subtle footholds in company systems.  These factors, along with all the ‘standard’, existing threats and continued successes of social engineering attacks such as Phishing have lead many security leaders to suggest that you have likely already experienced a breach and you will, not may, experience breaches in the future.

This is backed up by research from the Ponemon institute that suggests 70-80% of organisations have experienced a data breach within the last 20 months.

So in addition to the standard perimeter and control type solutions there are now vendors and consultancy firms offering solutions to limit the damage that occurs when these preventative measures fail, and at the same time capture as much information as possible to aid in the tracking down and capture of the attacker(s).

This is an interesting wake up call for both the security industry and all companies – the protective measures we have relied upon for years work, but they are far from infallible and will fail when face with a concerted effort or a duped user who already has system access.

A couple of interesting references covering this in more depth;

Dark Reading – http://www.darkreading.com/advanced-threats/167901091/security/news/232602708/security-s-new-reality-assume-the-worst.html

Bruce Schneier – http://www.schneier.com/blog/archives/2012/04/attack_mitigati.html

The Dark Reading article is particularly interesting, and it’s well worth reading both sections.

Remember – your company’s systems will be breached.. What will you have in place to minimise the damage and assist in preventing the attackers from doing the same to more organisations?

K

Your smartphone is your PC!

Well nearly..

You can now run a full version of Ubuntu on your Android phone;

http://news.cnet.com/8301-1035_3-57424335-94/androids-new-ally-against-the-iphone-ubuntu/?tag=nl.e703

While phones are clearly not yet as powerful as laptops, they are becoming powerful enough to run standard productivity applications and web browsers etc which accounts for the majority of non gaming PC / Mac use.

This clearly marks a leap forward in that direction as well, allowing you to run what is in reality a fully fledged O/S with full versions of Open Office etc.

Plug your phone into a TV or monitor, use a Bluetooth keyboard and you are all set with a mini PC..

Luckily enough I’m about at the end of my current contract so will be swapping to an HTC one X in the near future.  I’ll download and give this mobile Ubuntu version a try then report back.

The future with your PC in your pocket, literally, is almost here!

K