Are You Prepared for War

Firms of all descriptions know all too well what an attack can be like. Those who were not adequately prepared or did not handle an incident competently are, in some cases, no longer around to talk about it.

Senior Security Manager for Scanit Middle East, Hidayath Ullah Khan, says he has discovered many firms are ignoring the need for even the most basic emergency plans in case of an attack while performing security audits for clients.

Some organisations choose to handle security incidents by ignoring the issue altogether, he says.

Many companies that have been attacked seem to want to forget about it without addressing the security breach itself. But ignorance is never bliss when it comes to IT security, and the incident catches up with the company'ss operations before long.

Hackers can freeze companies's entire online operations in a few hours. The time it takes a firm to get their services back online can mean hundreds of thousands, even millions, in lost revenue.

In early 2004, bookmaker William Hill suffered an attack and then received a demand for $50,000 from a hacker. The company experienced a dramatic fall in online gambling for the duration of the attack.

Many organisations are failing to recognise they's8217;ve been attacked in the first place, or choose to do nothing about it until they are rudely awakened by the effects of the attack, Khan says.

As an incident handler, I's8217;ve had many opportunities to help companies deal with their security incidents.

In most cases, we noticed the firms had been ill-prepared to deal with any type of security incidents from the outset, meaning sleepless nights for both parties until their incident was resolved.

And 'sprotecting's corporate systems from attack by using the latest anti-intrusion software or hardware is no longer enough, research shows.

US-based analysts, The Yankee Group, found in June the number of vulnerabilities in IT security products had jumped significantly in the previous 12 months. 's8216;The number of vulnerabilities for security products is expected to leap 50% if 2005 trends continue,'s8217; it forecast.

In January, the network security firm Mazu Networks found 47 percent of companies it surveyed had seen their networks attacked in the previous year.

Attacks are now bypassing traditional defences. Scanit has already shown how hackers can attack companies directly through web browsers used by surfing employees. This has shifted the security threat onto home ground.

The age old adage 's8220;chance truly favours the prepared mind's8221; is especially true when it comes to dealing with security incidents. The middle of a crisis is not the best time to determine what your company'ss next move should be.

Questions like: 'sShould my firm successfully contain the incident and return to business as soon as possible's or 'sShould I wait and watch, to gather more evidence to prosecute the attackers's are the kinds of career-affecting decisions that should be provided for before an incident arises.

If your organisation is prepared and you know what to do in the event of a security incident, then dealing with it is relatively straightforward.

The best way to prepare for and lower the risk of an incident happening in the first place is to have the resources, policies, procedures, tools and technologies in place, in advance.

Sidebar

Well-documented plans & procedure ensure that in the event of an incident, no part of your emergency strategy is forgotten or overlooked. Basic essentials to consider are

>Presumption of privacy: Outlining your organisation's8217;s policy on privacy will dictate whether you can monitor your employees or non-employees's PCs;

>Warnings: A warning banner on all corporate systems indicating that it is a private system and all activities are monitored;

>Response: Specify whether you intend to involve law enforcement in the event of an attack or deal with any incidents in-house;

>Skills: Your organisation must have trained and skilled resources to handle an incident. An untrained or un-skilled system administrator could inadvertently introduce more risks in the midst of an attack;

>Data Back-up and recovery: Your last clean back-up must be regularly tested so there are no surprises when you need it. Also consider installing software/hardware to detect and prevent attacks.

Incident Handling is similar to first aid. The carer is often under pressure and mistakes can be fatal. This basic set of rules will make life easier during an incident:

> Remain calm, don's8217;t hurry;

> Use out of band communication;

> Take good notes of the problem;

> Contain the problem;

> Backup the system, collect evidence;

> Eradicate the problem and get back in business;

> Conduct a 'slessons learned's exercise.

The bottom line is that preparation is paramount and prevention is better than cure. You will not need to use your emergency plan every day, but there could come a day where you are very thankful you made the relevant provisions for it.

Scanit is a leading home and corporate security systems company with operations in Belgium, Dubai and Iran. It is the prime services agent for Symantec in the Middle East. You can find out more about the company at: http://www.scanit.net

Scanits primary services include: Security audits, Company IT risk assessments, Incident Handling, Security Consulting, Technical Fraud Investigations, Awareness Campaigns, Secure Line Communications, Bulk Software Purchasing, Constant Update Modules and PBX penetration Testing.

Scanit offers a number of courses for IT consultants who want to learn more about hacking tools and techniques, including: Ethical Hacking, Exploit writing, Secure Web application, Wi-Fi security & anti-security, Telecommunications fraud and SS7 signalling.

Buy-out courses are available for companies wishing to train staff in the privacy of their own facilities. For more on training, see: http://www.scanit.net/courses

For further information or interviews, please contact:

David Michaux, CEO Scanit

Phone: +971 50 455 4031

↑ Grab this Headline Animator

This article has been robotically scanned and tagged by Prnewsnow with the following search tags. No human manipulation of these tags take place.
| Products | Hemp Com | |

4897 readers online...

, Local News

Subscribe in a reader