Written by Patrick Kilgore and presented by Charles Leaver, CEO, Ziften
When you are at the annual Black Hat conference, there are conversations about hacking and cyber security going on everywhere, and it can make you paranoid. For a lot of people this is simply an appetizer for the DEF CON hacking conference.
A long time ago the Daily Dot published a story called “The art of hacking humans”, which covered the Social Engineering “Capture the Flag” contest that has been running since 2010. In it, participants use the very best tool a hacker has at their disposal, their wits, and rely on flights of fancy and social subterfuge to persuade unwary victims to hand over sensitive information in exchange for points. A couple of mistakes here, a remark about applications there, and bang! You’re hacked and on the front page of the New York Times.
For the businesses being “targeted” (such as big-box retailers who will remain nameless …), the contest was initially regarded as an annoyance. In the years since its creation, however, the Capture the Flag contest has gotten the thumbs up from many a corporate security professional. Its contestants take part each year to test their mettle and to help potential hacking victims understand their vulnerabilities. It’s a white hat education in what not to do, and it has made strides for business awareness.
Human Hacking Starts With … Humans (duh).
As we know, the majority of destructive attacks start at the endpoint, because that is where the people in your company live. All it takes is access from a nebulous location to do major damage. But rather than thinking of hacks as something to react to, or as a simple process to be eliminated, we have to remind ourselves that behind every attack there is a person. And ultimately, that’s who we need to arm ourselves against. How do we do that?
Since companies exist in the real world, we should all accept that there are those who would do us harm. Rather than trying to prevent hacks from occurring, we need to re-wire our brains on the matter. The key is identifying harmful user behavior as it is happening so that you can react accordingly. The new age of endpoint security is focused on this ability to visualize user behavior, inspect and analyze it quickly, and then respond rapidly. At Black Hat we are showing folks how they can continuously monitor the fringes of their network so that when (not if) breaches take place, they can be promptly tackled.
As a wise man once said, “You can’t secure what you cannot manage and you can’t manage what you cannot see.” The outcome significantly lowers time to detect and time to respond (TTR). And that’s no lie.