Blog Page

Uncategorized

How does red teaming test the ultimate limits of cyber security? – ComputerWeekly.com

Getty Images
Hacking can be a dirty word. It evokes images of a person sitting in the dark with a black hoodie on, hunched over a keyboard, in front of multiple screens, attacking an innocent business, or individuals, online. It automatically generates thoughts of terrible ransomware attacks and cyber criminal gangs with names such as Evil Corp.
But cyber criminals have a foe – ethical hackers. We hack companies to show them their weaknesses so they can fix them before they are breached.
Companies are aware that cyber attacks are increasing by 50% year on year. With organisational spending on cyber security at an all-time high, firms are spending significant amounts on their security infrastructure. I’m often asked: How can we know that our cyber security is working effectively?
My advice to companies is simple – invest in a red teaming test.
Red teaming is the practice of simulating a multi-layered cyber attack that tests the effectiveness of every aspect of an organisation’s security. Rather than running the risk of financial and reputational damage after being hit by a ransomware attack, hire ethical hackers to simulate an attack to unearth vulnerabilities, so that they can be addressed before it’s too late.
Cyber attacks – like when Revolut was breached in September 2022, revealing 50,000 customers’ sensitive data – may have been prevented with a red teaming test that would have pinpointed the threat social engineering posed to the team.
For a company to be put through its paces, it needs to be tested through active and proactive attacks of both its virtual and physical systems, using the same tactics, techniques and procedures as cyber criminal groups are using right now. My team typically carries out a red teaming mission in five steps:
Red teaming exercises provide a comprehensive look at just about any tactic, vulnerability, or entry point cyber criminals might use to breach your systems. Without one, companies will never know how secure their systems are.
With almost 90% of hacks due to human error, it’s important to test your employees’ cyber defence abilities. And unlike a simulated penetration test, staff are unaware that a red teaming mission is underway against them – almost like a mystery shopper. It truly is the best way to improve overall security, with the bonus of reinvigorating your staff’s commitment to cyber security by putting them through their paces.
This may be unsettling to hear, but the only real way you can determine the effectiveness of your security is by getting hacked. Red teaming tests employ both virtual and physical methods to probe for weakness, exactly as a cyber criminal would. Knowledge is power. Find out what your weaknesses are so you can put in place the defensive and offensive protections to mitigate them.
 
When building a list of emerging technologies to watch, it’s essential to also consider sustainability — a concept gaining more …
Looking for information on digital transformation? Our list of 12 must-reads covers everything from formulating a digital …
Technology managers will be boosting cybersecurity, optimizing previous investments and staying on top of AI — while they also …
Security teams faced unprecedented challenges in 2022. The year ahead appears no less daunting. Here are the cybersecurity trends…
A consensus of industry professionals rank these 10 security certifications as the most coveted by employers and security pros –…
What do existing extended detection and response products provide? Learn about EDR+, SIEM+ and Comprehensive options, which all …
When planning wireless network capacity needs, tally your total endpoints, monitor application bandwidth usage and consider …
Private wireless networks enable more control over networks, but they aren’t right for every organization. Here’s what to …
Arista’s new switches provide more options for enterprises and higher speeds for bandwidth-hungry hyperscalers. The latest …
Quantum computing has lots of potential for high compute applications. But the technology is still in the early stages, so it may…
Data lakes and data warehouses both store big data. When choosing a lake or warehouse, consider factors such as cost and what …
Classical and quantum computers have many differences in their compute capabilities and operational traits. Know their …
Expect more organizations to optimize data usage to drive decision intelligence and operations in 2023, as the new year will be …
These 10 roles, with different responsibilities, are commonly a part of the data management teams that organizations rely on to …
These eight challenges complicate efforts to integrate data for operational and analytics uses. Here’s why, plus advice on how to…
All Rights Reserved, Copyright 2000 – 2022, TechTarget

Privacy Policy
Cookie Preferences
Do Not Sell or Share My Personal Information

source