Infosecurity expert Dr Eric Cole is to urge companies to take a close look at their network structure, and change it to make attacks difficult for cyber gangs, in a speech given as he is inducted into the Infosecurity Europe Hall of Fame on May 1.
“Organizations need to recognize that they are going to be targeted, they are going to be compromised and they are going to be broken into,” Dr Cole said in an interview with Computer Weekly. He said that organizations should move from a focus on neutralizing known threats to finding unknown ones within their network structure.
Cole has 20 years of experience in the infosecurity industry, holds more than 20 patents, and is the author of books such as Advanced Persistent Threat, Hackers Beware, Hiding in Plain Site, Network Security Bible, and Insider Threat.
Cole told Computer Weekly that many organizations simply wanted to boast of having put the “latest, greatest” defense technologies into their network structure – with the assumption that the “basics had been taken care of. But real cyber defense involves a more complex analysis of the networks under attack,” he said.
Infosecurity Europe said that Cole had been chosen as a “revolutionary thought-leader” who had provided intellectual input which advanced the infosecurity industry, and said, “In 2014 we are delighted to be inducting renowned security expert, Dr Eric Cole into the Hall of Fame.”
In his interview, Cole said that companies should accept that attacks will inevitably happen, and focus on reducing frequency and minimizing impact.
“The aim should be improve the capability to control, contain and manage what is happening in the IT environment in the event of a breach rather than focusing only on prevention. Organizations need to recognize that they need to do a better job at detecting and stopping the adversary by focusing first on four core fundamentals of security.
“Understanding one’s own network is key to this – both knowing what devices are on the network and understanding how they are configured.
“If you do not know what is on your network, you cannot defend it effectively If you do not know how devices on your network are configured and set up, you cannot know how to protect and secure them,” Dr Cole said.
Cole said that companies should also ensure that they have sufficient control over their networks to track and neutralize attackers once they have already broken in.
“Being able to analyze the traffic within your environment to detect compromised systems is what is really going to make a difference in security,” he said.
Author Rob Waugh, We Live Security