Written By Patrick Kilgore And Presented By Charles Leaver CEO Ziften
When you are at the annual Black Hat conference, conversations about hacking and cyber security are going on everywhere, and it can make you paranoid. For a lot of people this is simply an appetizer for the DEF CON hacking conference.
Some time ago the Daily Dot published a story titled “The art of hacking humans”, which discussed the Social Engineering “Capture the Flag” contest that has been running since 2010. In it, participants use the very best tool a hacker has at their disposal – their wits – and rely on tall stories and social subterfuge to convince unwary victims to hand over sensitive information in exchange for points. A couple of errors here, a remark about applications there, and bang! You’re hacked and on the front page of the New York Times.
For the companies being “targeted” (such as big-box retailers who will stay anonymous …), the contest was initially seen as a problem. In the years since its inception, however, the Capture the Flag contest has received the thumbs up from many a corporate security expert. Its participants compete each year to test their nerve and to help prospective hacking victims understand their vulnerabilities. It’s a white hat education in exactly what not to do, and it has made strides for corporate awareness.
Human Hacking Starts With … Humans (duh).
As we know, the majority of malicious attacks start at the endpoint, since that is where the humans in your company live. All it takes is access from a nebulous area to do severe damage. However, rather than think about hacks as something to react to, or a mere process to be eliminated, we need to remind ourselves that behind every attack there is a person. And ultimately, that’s who we have to arm ourselves against. How do we do that?
Because companies operate in the real world, we must all accept that there are those who would do us harm. Rather than attempting to prevent hacks from taking place, we need to re-wire our brains on the matter. The key is identifying malicious user behavior as it is occurring so that you can respond appropriately. The new era of endpoint security is focused on this ability to visualize user behavior, inspect and analyze it rapidly, and then respond quickly. At Black Hat we are showing folks how they can continuously monitor the edges of their network so that when (not if) breaches occur, they can be swiftly tackled.
As a wise man once said, “You cannot protect what you cannot manage and you can’t manage what you cannot see.” The result is a drastic reduction in time to identify and time to respond (TTR). And that’s no lie.