Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Information Security Handbook

You're reading from   Information Security Handbook Develop a threat model and incident response strategy to build a strong information security framework

Arrow left icon
Product type Paperback
Published in Dec 2017
Publisher
ISBN-13 9781788478830
Length 330 pages
Edition 1st Edition
Arrow right icon
Author (1):
Arrow left icon
Darren Death Darren Death
Author Profile Icon Darren Death
Darren Death
Arrow right icon
View More author details
Toc

Table of Contents (13) Chapters Close

Preface 1. Information and Data Security Fundamentals FREE CHAPTER 2. Defining the Threat Landscape 3. Preparing for Information and Data Security 4. Information Security Risk Management 5. Developing Your Information and Data Security Plan 6. Continuous Testing and Monitoring 7. Business Continuity/Disaster Recovery Planning 8. Incident Response Planning 9. Developing a Security Operations Center 10. Developing an Information Security Architecture Program 11. Cloud Security Consideration 12. Information and Data Security Best Practices

Information security challenges

The threats faced by today's organizations are highly complex and represent a real danger. The ability to mount an attack has become very simple due to many factors including the following:

  • End user: End users that use our information systems are prone to clicking on website URLs and launching attachments in emails
  • Malware kits: Paying hackers for DIY kits to easily develop your own malware
  • Cloud computing: Cheap and easy access to computing resources helps to ensure easy access to processing power
  • Exploit subscription services: Underground services that an attacker can subscribe to, to get the latest exploits

An attacker can take these tools, string them together with tutorials found online (as well as their own knowledge and resources), and build a sophisticated attack that could affect millions of computers worldwide.

Modern computer systems were never really developed to be secure. From the very beginning, computers have had an inherent trust factor built into them. Designers did not take into account the fact that adversaries might exploit their systems to harvest the valuable assets they contained. Security therefore, came in the form of bolt-ons or bandages, for solving an inherent problem. This still continues to this day. If you look at a modern computer science program, cybersecurity is often not included. This leads us to the modern internet, overflowing with vulnerable software and operating systems that require constant patches because security has always been an afterthought. Instead of security being built into an information system from the beginning, we are faced with an epidemic of vulnerable systems around the world.

The computer power of the average individual has greatly increased over the past few decades. This has resulted in an increase of sanctioned, and unsanctioned, personally-owned devices processing organizational data and being connected to corporate networks. All of these unmanaged devices are often set up to accommodate speed and convenience for a personal user and do not take into account the requirements of corporate information security.

Many organizations see information security as a hindrance to productivity. It is common to see business leaders, as well as IT personnel, avoid the discussion surrounding security with the fear that security will prevent the corporation from achieving its mission. Implementing security within a project Systems Development Life Cycle (SDLC) may be fought against, as team members may believe security will prevent a project from being completed on time or viewed as an impediment to a business' financial gain. Tools such as multi-factor authentication (MFA) or Virtual Private Networks (VPN) may be resisted as the business might not want to invest the capital for such solutions, due to not understanding the technology and how it would minimize the cyber risk posture of the organization.

Overcoming these challenges requires that the information security leader has a strong understanding of the organizations that they work for and that communication is effectively maintained. The information security professional must integrate with all functional/business owners within their organization. This will allow the security professional to help determine the risk posture of each business area, and help the business owner make sound risk-based decisions. Information security must offer solutions to the business leader's challenges versus adding new challenges for the business leader to solve. Additionally, the information security professional must work and collaborate effectively with their counterparts in information technology. Many information security professionals focus on dictating policy without discussing what is actually needed. Work to foster a relationship where the information security group is sought out for answers rather than avoided.

You have been reading a chapter from
Information Security Handbook
Published in: Dec 2017
Publisher:
ISBN-13: 9781788478830
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at €18.99/month. Cancel anytime