Organisations are continually investing in protecting and defending against substantial online threats. Significant levels of IT resources are being invested into costly technologies aimed at protecting against these new threats. Unfortunately, many of these investments fail to understand the methods of an external attacker and as a result fail to prevent a system breach. An external attacker has a number of advantages over an organisation including:
- Visibility – An organisation does not know when, how and from where an attack may originate and which method will be utilised; and
- Resources – Many external threat actors have significant time and resources available allowing them to try multiple methods over a longer period of time.
Despite all of the security measures implemented by organisations, a threat actor is often able to identify the weakest point in the systems defence and exploit it to achieve their desired objective. Organisations need to be ahead of external threats by being the first to identify these weak points.
Our advice is to take a proactive approach to security by incorporating Adversary Simulation or ‘Red Teaming’ as part of a security program to identify the weakest points within an organisation which an attacker may seek to exploit.
This method involves simulating the approach, mindset and techniques employed by real adversaries. Testing is not limited by a specific scope or a strict deadline and is delivered over a long period of time, typically 4 to 6 months, providing the time necessary to organise and carry out the simulations and to reach the identified objectives. Quality attack simulation involves the setting of objectives based on organisational requirements and objectives and crafting and executing scenarios that are likely to occur in the real world if your organisation is targeted. It should be noted that this approach is not limited to cyber-attacks and can include aspects of social engineering and physical access.