When it comes to cyber security, most of the world’s efforts are focused on securing the perimeter of their networks, much like securing the perimeter of your property to prevent unauthorised access with electric fences and burglar bars. It’s understandable, it’s how IT professionals have learned to protect their environments.
Securing the perimeter is crucial. However, an often overlooked threat may be lurking within your perimeter. It has been said that the vast majority of all cyber threats originate from inside an organisation.
Firewalls work – when people follow the rules. The key determinant of the success or failure of your defence strategy may be people. Notorious hacks locally and abroad often stem from human vulnerability. It’s our humanness that makes us prone to attacks and ultimately, the weakest link in the cyber security chain.
Take social engineering as an example. Consider a stranger walking confidently into your office building, blending in by the way they appear to have a purpose for being there. That stranger may even cleverly pretend to know people by sharing a few casual greetings with passers-by. The simplest way to kick off their criminal activity may be to make their way to the nearest network point in a common area and plug in their laptop. It happens, more often than anyone would care to admit in this and countless other social engineering forms – e.g. phishing and increasingly commonplace whaling attacks.
In a situation like this, the first line of defence is neatly sidestepped and a breach is sure to follow. Firewalls offer an extremely important level of protection at the perimeter, but they aren’t immune to insider threats. Quite simply, perimeter protection must be complemented by breach detection to ensure your security posture is more robust.
Breach detection technology is in the realm of deception technology, with the purpose of ‘trapping’ an unauthorised party. Breach detection devices, like ‘Honeypots’ look like one thing, but their purpose is to get hackers to reveal themselves and notify organisations at the right moment of unwarranted attention and access.
A mixed interactive ‘honeypot’ could save the day with one alert, when it matters most.
When asked why companies should be implementing Breach Detection solutions, Haroon Meer, founder of Thinkst Canary, the creators of world leading ‘honeypots’ says: “Because a few minutes to deploy (and a tiny price tag) means you know you are breached, before a foreign adversary exfiltrates 614 Gig of your future naval warfare plans."