As the Chief Marketing Officer for our Corporate Office, I get asked the question a lot – where should I focus? Or how should I prepare my cyber defenses to thwart a hacker attack?
My answer is that in order to protect from a hacker, you need to think like a hacker. Another thing to keep in mind that “the strength of your security program is only as strong as your weakest link”. Hackers are not interested in trying to break into your systems by exploiting the strong links. They only focus on the weak links.
So, you ask – what are the weak links in most organizations:
1. The number 1 weak link are the people. That’s why the phishing emails are so popular. The type and nature of phishing emails has changed over the years, but the motive is the same. Trick the people into clicking or providing sensitive information so that the hacker can either infiltrate your networks or use the information provided to further exploit your network
2. The number 2 weak link is the external facing network, which includes your web applications. If your external network (which is accessible to your customers, vendors and suppliers, is also accessible to the hackers) has vulnerabilities, then the hacker can exploit those vulnerabilities and potentially access your internal network. For example, a SQL injection attack could allow the hacker to download the entire backend data base which could contain sensitive information
3. The number 3 weak link is your wireless network, which if not configured properly could allow the hackers to penetrate your internal systems or monitor the traffic on your wireless. Free tools like Wireshark could be used to monitor the wireless traffic if the wireless access point is not configured to encrypt the traffic or if the encryption is weak.
We are excited to see our India subsidiary open and look forward to working with you all as you comply with the recent Sebi requirements.