What have I done to learn about Information Security over the past quarter of a century.
What do all attacks or exploits have in common?
How does data move across your network?
Do you have a fundamental of the basic terminology dealing with network types and standards.
I learned about common network hubs, switches, and routers from auditing and performing general controls reviews for Tribal Internal Audit under the approval of the Tribal Council's Independent Working Member and the Director of Tribal Internal Audit.
Our mission was all about protecting assets, mostly with a physical security theme, but with some logical security included as well. I began with card-key access system to help ensure only those proper authorization had access to our systems and data centers. From there, I was involved in incident response, including raising the need for business continuity and disaster recovery planning in light of potential risks at the time.
Prevention is ideal but detection is a must.
A key way that attacker gain access to a company's resources is through a network connected to the internet. A company wants to try to prevent as many attacks as possible, but in cases where it cannot prevent an attack , it must detect it in a timely manner. Therefore, an understanding of how networks and related protocols like TCP/IP work is crucial to being able to analyze network traffic and determine what is hostile.
With the rise in advanced persistent threats, it is almost inevitable that organizations will be targeted. Whether the attacker is successful is successful in penetrating an organization's network depends on the effectiveness of the organization's defense.
Defending against attacks is an ongoing challenge, with new threats emerging all the time, including the next generation of threats. Organizations need to understand what really works in cyber security. What has worked, and will always work is taking a risk-based approach to cyber defense. Before your organization spends, a dollar of its technology budget or allocate any resources or time to anything in the name of security, three questions must be answered?
1) What is the risk 2) Is it the highest priority risk 3) What is the most cost effective way to reduce the risk.
Security is all about making sure your focus on the right areas of defense.