Threat Management – Protecting Critical Assets
Protecting critical assets (people and information) is completely dependent on several factors:
- What is the value of information you have in the hands of a 3rd party?
- What are the resources of potential attackers?
- What is their technical expertise?
You can divide attackers into several groups:
- Attackers looking for targets of opportunity – these attackers are using known vulnerabilities and widely available tools to compromise targets that don’t follow good security practices. If you get compromised, sometimes it is just matter of being in the wrong place at the wrong time. For these types of attackers you want to reduce complexity of your infrastructure, classify data properly, and implement your basic security controls.
- Attackers going after a target of specific interest – these attackers place tremendous value on access to specific information or people inside your organization. These attackers are well funded, patient, and very technically competent. The amount of security controls, network complexity, and sophistication of the company don’t seem to impact the likelihood of being attacked successfully.
What type of attackers are you worried about? This decision is critical to how much and kind of security controls and process implements.