November 26, 2015. In today’s high-tech world, companies no longer face threats solely from internal or external sources. Rather, it’s a combination of both. Threats can come from external sources, like phishing emails and hackers, and from internal sources, such as employees clicking on suspicious links, or any company’s worst nightmare, a rogue employee leaking data or holding the company’s confidential data hostage for ransom. The threats are real, and everywhere, but most companies still pay attention to only one or the other. If a company is monitoring external threats, it’s safe to say it might not be aware of any internal threats, and vice versa. Penetration testing (pentesting for short) is seen by many IT people as just another step on a checklist. In light of the recent hacking attacks and data breaches at regional organizations, companies need to realize that these threats can come from anywhere, at any time, and that full internal AND external assessments are needed to ensure the safety of their confidential data.
Before we delve into the reasons why a combined internal and external assessment is necessary, let’s take a look at each one separately and see what each brings to the table. First off, internal assessments. An internal assessment, as the name suggests, looks at a company’s internal infrastructure and measures its security. Common findings from internal assessments include malware from inappropriate downloads and hidden torrents. These drive malicious traffic to places like China, which is not where you want your employees’ Personally Identifiable Information (PII) to go. Internal assessments are more widely used than their external counterparts, but that doesn’t mean they are the only way to go.
Now, let’s look at external assessments. These types of assessments look at the external security infrastructure of a company. Common results from external assessments include fake social media profiles and black PR (which is basically negative PR that hurts a company). Phishing is a serious external threat. Basically, cyber criminals will try to lure a person into clicking a link (usually in an email or social media post). The employee, unaware that it’s a malicious link, clicks it. Now the criminal has full access to the employee’s machine and his/her company’s network. If left unchecked, the problem becomes rampant, as the criminal reaps the spoils of his work. The worst part is that external assessments are used sparingly, and usually as a standalone process, not in conjunction with an internal assessment.
That’s all for Part 1. In Part 2, we will delve into the reasons why YOUR company SHOULD run internal and external assessments. Thank you for your time, and see you in the next post.