White said this could be because there are actually more attacks, or companies have got better at spotting them – or a combination of the two.
Mitigating an attack
“ As for mitigations, there’ s not a simple answer,” said White.
“ The attacks are done by human beings, who can’ t be treated like a natural phenomenon. For example, a tsunami may never have caused a rise in water level of x metres, so tsunami defences can be built at x + 20m to make sure they defend against future tsunamis. Human beings, on the other hand, will treat a defence as a target. If they’ ve never jumped a 10m wall, building a 15m wall will just encourage them to learn how to clear 15m. What this means is that a good defence is made up of multiple controls at multiple levels and that these controls need to be able to react to a human attacker( through detection and response).”
Dominic White, Chief Technology Officer SensePost
“ It’ s also increasingly clear that these defences can’ t be general defences. The more successful defences are those contextually relevant to the organisation. For example, defining a list of known safe software for a business function and limiting it so only that can be executed is likely to be more successful than just installing an anti-virus.”
White said SensePost offers three primary services to clients to help protect their networks and databases: security assessments, managed security services, and security training.
“ The services we provide are aimed at helping customers to understand their exposure, giving them expert advice, and teaching them what we know.”
This includes reviews of critical software and reducing vulnerabilities in new applications before launch, providing managed vulnerability scanning and managed phishing services, and teaching security practitioners – from beginner to advanced – to defend their networks. ■
63