Practicing SAFE Security
When you ask most non-technical people about cyber security the answer they almost always give will involve viruses and malware, but to experienced IT people those things are the least of what they have to worry about. To people on the front lines of cyber security, penetration concerns are paramount and are generally unrelated to the viruses, malware and other things that a general consumer has to worry about.
Penetration concerns revolve around two different types of security breaches. The first of these is an invasion from an outside source, but even these can take on different forms. For instance, the attacking party might have limited – or even zero – knowledge of your systems. This means that they would basically be trying to break into your system from scratch. At the other end of this spectrum, they may have gained access to source code, network layouts or may even have some passwords. This could have happened from a malicious or unintentional leak and simply makes the job of the hacker that much easier.
In either case, the end result can be devastating to a company and can lead to loss of data, including important company data or, more importantly, the information of people who have done business with the company. Probably the most famous is the recent intrusion on the Sony network in which hackers gained access to the account information of over 100 million customers.
One of the best ways to prevent this type of attack is to hire cyber security professionals to secure your system and even hack it to reveal vulnerabilities. With this method of hacking, possibilities are explored in different levels, sometimes known as black, white or gray box tests. A black box test assumes that the attacker has no knowledge of your network layouts, source code or passwords; a white box test assumes they know almost everything about these areas and a gray box is assuming that they have some knowledge of your systems and passwords. The gray box test is usually what would result when the attack is from a lower or mid-level employee who either feeds his limited knowledge of the system to the attacker or who is conducting the attack himself.
Interweave Technologies can assist in your cyber security initiatives whether you are in the market to hire a penetration tester or are a small business looking simply to enhance your security. The security professionals at Interweave have an in depth knowledge of cyber security and can assist your company in preventing attackers from getting into your network and gaining access to your confidential information.