Companies need to understand where their most likely cyber threat will come from, and what the hackers are capable of, before they can mitigate risks.
So says Tyrone Erasmus, managing consultant at MWR InfoSecurity South Africa, who will present at ITWeb Security Summit 2015 later this month.
Erasmus notes the top five lessons that can be learned from recent cyber hacks are:
* Performing perimeter security is only the start. There is a lot more to consider to ensure a high standard of security in an organisation.
* Security is not only the IT department's problem and cannot be solved by buying security products alone.
* Having well-configured detection systems that monitor business assets is key to detecting and responding to attacks.
* Building a company culture that promotes a high standard of everyday information security is critical to staying secure.
* Don't be naive about an organisation's level of security. Know your posture and constantly work to improve it. Spend time becoming informed on the types of attacks that people are performing against organisations similar to yours and test if these attacks would work against yours.
Erasmus notes, if organisations actively pursued a higher level of security using an informed approach, they would be able to prevent, detect and respond to attacks better.
Threats that could affect a company depend on the size and industry sector of an organisation, says Erasmus.
"The motivation and capability of your most likely threat actor is an important aspect to consider. It is tough to say which threats are growing as this depends on whose perspective you are seeing it from.
"Amateur hackers that run tools against Internet-facing infrastructure may be easier to detect and classify. However, a team of skilled professionals that work for a large crime syndicate or a nation state work in the shadows and are inherently hard to classify and gather statistics about."
Erasmus adds mitigating against risks requires understanding the likely threat actor, and their capabilities. "Use this as input to build an effective security programme within your organisation."