To Breach Your Organization Hackers Only Need to be Right Once. Make Sure that One Time isn’t on Your Watch by Thinking like a Bad Guy In his latest article for SecurityWeek, previous CORE Security CEO, Mark Hatton suggests a good way to approach your security challenges is to "Think like an attacker." Whether you subscribe to the theory “defense wins the day” or “the best defense is a good offense,” there is one undeniable fact: in order to be successful, you need a solid understanding of, and appreciation for, both sides of the equation.
The best way to anticipate a move by an adversary is to put yourself in their position and ask, what would I do in the same situation? Studying the ways in which you would attack a given situation provides a strategic advantage when planning your defense. It’s actually a pretty simple approach and one that we all apply in our everyday lives without a great deal of thought or energy. For example, every time you park your car you take a moment to conceal anything of value from sight and lock the doors and hit the alarm. Or how about the process you undergo when leaving the house to go on a vacation? After ensuring nothing has been left behind, if you are at all like me, you take a walk through the house checking that all the windows are locked, the doors secured, nothing of value is visible and there are no other inviting signs to a would-be intruder.
When we do these things, we are thinking like an attacker or criminal and viewing our valuables through their lens. However, for whatever reason, when it comes to IT security, we often fail to take this approach. As a result, leave our networks and personal computing devices exposed. To read the whole article please visit: http://www.securityweek.com/think-attacker-better-defensive-capabilities