The latest industry news, articles and events
In truth, a well-organised intrusion prevention and detection system may well protect your systems, but if your attacker is dedicating his or her life to exploiting you, then the chances are they will eventually succeed. If your organisation is targeted by an Advanced Persistent Threat (APT) then your infrastructure is likely to succumb to their persistence and determination, particularly if they are well resourced, as many are. Their methodology will afford them the time to test and retest their platforms until a weakness can be exploited.
Unbelievably, many security systems are implemented without regular testing; the assumption being that the very installation and activation will be sufficient to safeguard against intrusion. Recent breaches demonstrate that this is simply not sufficient. Consider you’re everyday behaviour for a moment. Do you leave the house and lock the door? I’m certain you do, but I’m confident that you check it too, just for good measure. It may only be a discreet tug on the handle but it reassures you and confirms that you’ve locked your house behind you. I bet on many occasions that you’ve turned the light off at night and settled into bed only to get up and pop downstairs to confirm that you did put the safety chain on and set the alarm.
These days a far more proactive approach to information security is required to mitigate the risk of compromise. Penalties for data loss are severe in direct financial terms, usually as a result of a fine (or fines) from your regulator. However the indirect penalties could be far more punitive, loss of reputation could affect your business and drive your customers to a competitor resulting in a significant loss of revenue.
And don’t be mistaken into thinking that compliance is security, it isn’t – there is often a diverse gap between being compliant and being secure. In order to accurately understand the risks involved you need to conduct a detailed risk assessment, quantifying the losses that might be incurred by even the simplest of breaches and then balance that with the cost of ensuring you remain safe and not sorry.
London: 0207 438 2045
Manchester: 0161 797 8123