ATP: Don't Give Up On Prevention - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Comments
ATP: Don't Give Up On Prevention
Newest First  |  Oldest First  |  Threaded View
Page 1 / 2   >   >>
yalanand
50%
50%
yalanand,
User Rank: Ninja
11/30/2014 | 7:00:10 AM
Re: Layered security
"@Dr. T: Most firms who are not related to software development do not care about much security, and they take whatever is given to them, it is only after being affected do they realize that the security measure they took was as old as the 1990's itself. Newer security measures, while costlier, give thousand times better protection from an inside as well as outside breach. "

@SunitaT: You are right, security measures are changing throughout and hackers are becoming more able. It is only necessary to make the most of freedom at the cost of tight security.
yalanand
50%
50%
yalanand,
User Rank: Ninja
11/30/2014 | 6:57:14 AM
Re: Don't Give Up On Prevention
"@SunitaT0, yes that is possible but I suspect that attacking back is going to get you some attention from your ISP.  I've had calls from mine a couple times when we were doing PEN testing on our own networks.  "We're seeing a lot of suspicious traffic coming from your network".  The ISPs are good at knocking down their customers when they get chatty but they don't see to have that same level of concern when the traffic is incoming."

@SaneIT: Thank you for clearing things out. The problem is that everything is trackable and unless you are a really good hacker, you can't hide from your network signatures all over the places you go.
SaneIT
50%
50%
SaneIT,
User Rank: Ninja
11/24/2014 | 7:40:53 AM
Re: Don't Give Up On Prevention
@SunitaT0, yes that is possible but I suspect that attacking back is going to get you some attention from your ISP.  I've had calls from mine a couple times when we were doing PEN testing on our own networks.  "We're seeing a lot of suspicious traffic coming from your network".  The ISPs are good at knocking down their customers when they get chatty but they don't see to have that same level of concern when the traffic is incoming.
SunitaT0
50%
50%
SunitaT0,
User Rank: Ninja
11/23/2014 | 10:01:20 PM
Re: Don't Give Up On Prevention
@SaneIT: Maybe while somebody is trying to break through the layers of security in the cloud, maybe the cloud analytic systems would read the breaching patterns and devise a strategy to attack the attacker while he's breaching. This can be done through flushing his network with spam so that he cannot get through to the cloud and also the cloud analytic engines may be able to track from where the breach is occuring.
SunitaT0
50%
50%
SunitaT0,
User Rank: Ninja
11/23/2014 | 9:57:58 PM
Re: Layered security
@Dr. T: Most firms who are not related to software development do not care about much security, and they take whatever is given to them, it is only after being affected do they realize that the security measure they took was as old as the 1990's itself. Newer security measures, while costlier, give thousand times better protection from an inside as well as outside breach. 
SaneIT
50%
50%
SaneIT,
User Rank: Ninja
11/17/2014 | 8:02:58 AM
Re: Don't Give Up On Prevention
Layering is good and making yourself harder to attack than the guy down the road is a valid exercise but it's not the same as hitting back.  Actions against people attacking private corporations are few and far between, and in most cases it is incredibly hard to get enough information to hand over to law enforcement so that they can follow up.  I would like to see something that could work at the ISP level, who become responsible for how their connections are being used.  If it's a matter of a misconfigured or infected device then they offer help to the owner of that device.  If it is obviously malicious intent then they cut them off and notify local authorities.
Dr.T
50%
50%
Dr.T,
User Rank: Strategist
11/14/2014 | 12:52:52 PM
Re: Don't Give Up On Prevention
  Some days I really wish we could hit back"

I hear you. Having a layered security measures in place would be like hitting back. When the attackers realize that they will not be able to penetrate it will be very disappointing for them, they will have to move next one.
Dr.T
100%
0%
Dr.T,
User Rank: Strategist
11/14/2014 | 12:49:59 PM
Re: Don't Give Up On Prevention
"risk management"

Good point. And lock of it. We aspect to avoid all these at attacks but most of us do not really do the homework of managing the risk. Without a risk management plan there is also tons of waste undret the name of security.
Dr.T
50%
50%
Dr.T,
User Rank: Strategist
11/14/2014 | 12:47:27 PM
Layered security
I agree with the article. No one security measure will protect us from the attackers. We have to apply a layered approach. Event most sophisticated prevention systems would not prevent everything unless you unplug your computer and do not connect anywhere. It has to be a layered security approach to minimize the risk of a breach.
SaneIT
100%
0%
SaneIT,
User Rank: Ninja
11/14/2014 | 7:21:32 AM
Re: Don't Give Up On Prevention
@zerox203, very valid points, while prevention is important it needs to start at a lower level and be a consistent theme.  I've had days where I wished I could attack back.  I've had former employees do dumb things, someone sitting in Russia constantly trying to log on to a service with a brute force attack, and as every IT person has no doubt experienced a current employee who is sharing passwords or always trying to get into things they do not have access to.  In most cases our hands are tied and the only thing we can do is put up another wall.  Some days I really wish we could hit back.  I know that there are a number of individuals who crusade against the black hats but I would really love to see an organization large enough to shut down some bigger threats out there.
Page 1 / 2   >   >>


2020 State of DevOps Report
2020 State of DevOps Report
Download this report today to learn more about the key tools and technologies being utilized, and how organizations deal with the cultural and process changes that DevOps brings. The report also examines the barriers organizations face, as well as the rewards from DevOps including faster application delivery, higher quality products, and quicker recovery from errors in production.
Slideshows
10 Top Cloud Computing Startups
Cynthia Harvey, Freelance Journalist, InformationWeek,  8/3/2020
Commentary
Adding Fuel to the MSP vs. In-house IT Debate
Andrew Froehlich, President & Lead Network Architect, West Gate Networks,  8/6/2020
Commentary
How Enterprises Can Adopt Video Game Cloud Strategy
Joao-Pierre S. Ruth, Senior Writer,  7/28/2020
Register for InformationWeek Newsletters
Video
Current Issue
Enterprise Automation: Do More with Less
In this IT Trend Report, we highlight the benefits of automation and the various tools as enterprises navigate turbulent times, try to do more with less, keep their operations running, and stay on track with digital modernizations.
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll