Justin Hall is Director – Security Services for CBTS. In Part 2 of this 3-part series, Justin discusses how to better understand the “attacker mindset.” In Part 1, Justin discussed the process of developing a background in enterprise IT.
Practitioners in the security industry are charged with protecting organizations and their assets – their computing environment, data, employees, and customers. Understanding the threats against which you are defending is critical to this protection effort. What are they after? How do they achieve their goals? What can you expect when you face them? What countermeasures and strategies are effective to employ?
The best defenders of a network are used to thinking like an attacker. So how does one develop this mindset?
Plenty of folks in our industry started as so-called “black hats” – those who attack, disrupt, or compromise computer systems for financial gain, to back a political or social cause, or to cause havoc. While this is certainly an effective approach, it’s usually not legal.
I’ve found that listening to industry veterans and seasoned practitioners, as well as former black hats, is a much better option. In that vein, try attending security conferences and events where you can listen to these folks speak and provide formal training. There’s also a good opportunity to learn about the ever-changing threat landscape, new attack techniques, and new tools.
Hundreds of security conferences take place all across the United States and other countries – look at a list and find one in your area. A way to meet local practitioners, especially ones that might be interested in providing you guidance and mentoring, is to find a Security BSides conference, which are assembled and executed by volunteers. And if you can’t make it to a security conference, most nowadays are recorded and posted online.
We can also learn to stop attackers by looking at the best practices agreed upon by experts from the security community, regulatory bodies, and technology vendors. Dozens of these standards have been used by practitioners for years and make excellent reading material if you’re looking to get ready for the industry:
Lots to read and watch! Come on back soon for part 3.
Read more about Security offerings from CBTS. And read this case study to learn how CBTS helped an enterprise client form a security strategy to advance their maturity, increase their risk management capabilities, reduce the attack surface for each business line, and improve their overall corporate security posture.