Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

The Importance of Ethical Hacking: Emerging Threats Emphasise Need for Holistic Assessments, Says Frost & Sullivan

April 2012 by Marc Jacob

The need for more effective information security practices is increasingly evident with each security breach reported in the media. When adopting new technologies like cloud computing, virtualisation, or IT outsourcing, enterprises are facing imminent security threats and must adjust their security processes, policies, and architectures accordingly. Among the many options available to help customers to achieve this goal, organisations should consider the value of ethical hacking services, which are rapidly gaining attention as an essential security practice that should be performed on a regular basis.

The recently published white paper entitled "The Importance of Ethical Hacking: Emerging Threats Emphasise the Need for Holistic Assessments” by Frost & Sullivan, discusses benefits from independent ethical hacking assessments, the role of ethical hacking in an enterprise security architecture, as well as top technical concerns and solutions.

"The increased sophistication and success rate for recent cyber attacks is directly related to the shift in attacker profile, indicating that nation-states and large criminal organisations are funding well organised, highly motivated, and well trained teams of programmers," points out Frost & Sullivan Industry Analyst, Chris Rodriguez. "The elevated threat landscape therefore, urgently dictates the need for a comprehensive, real-world assessment of an organisation’s security posture. This assessment is a first vital step to enact effective security policies, procedures, and infrastructure that will prevent or mitigate the effects of a data breach."

The major challenge for businesses is the complexity of security requirements due to changing hacking tactics, myriad security vulnerabilities, evolving business practices, new business technologies, and emerging security technologies. Those numerous organisation-specific security challenges are best solved by professionals with extensive expertise.

Ethical hacking offers an objective analysis of an organisation’s information security posture for organisations of any level of security expertise. The ethical hacking organisation has no knowledge of the company’s systems other than what they can gather. Hackers must scan for weaknesses, test entry points, prioritise targets, and develop a strategy that best leverages their resources. The objectiveness of this kind of security assessment has a direct impact on the value of the whole evaluation.

"The result of such an assessment is an actionable report with valuable remediation advice tailored to the customer’s unique IT environment, capabilities, and security objectives," says Chris Rodriguez. "This helps businesses to prioritise their security efforts, fine-tune security tools such as firewalls and Intrusion Prevention Systems (IPS) devices, adjust policies, and identify any necessary training."

As organisations of all sizes and sophistication levels can benefit from objective, expert, third-party analysis, ethical hacking has become a more mainstream service in the past decade. "However, businesses still remain sceptical about the risk inherent with inviting a third-party to attempt to access sensitive systems and resources. To reduce this fear, businesses should hire only ethical hacking companies that implement practices to ensure privacy and confidentiality. They should also be accredited by international trade organisations such as the EC-Council and International Information Systems Security Certification Consortium (ISC),"advices Rodriguez.

Ensuring effectiveness of the enterprise security architecture should be verified on a regular basis. This represents a great challenge for increasingly sophisticated organisations due to complex IT environments which include security solutions, end-user awareness, policies, and new technologies. These systems not only change continually but also interoperate with each other and therefore must be tested as part of holistic assessment to best emulate a real-world attack scenario. "Ethical hacking services are the best way to attain valuable assessments and recommendations necessary to properly tune these complex security architectures," summarises Chris Rodriguez.

Frost & Sullivan has conducted extensive research in the ethical hacking market to identify latest trends in the European industry and published the white paper entitled "The Importance of Ethical Hacking: Emerging Threats Emphasise the Need for Holistic Assessments". This research has recognised High-Tech Bridge, a Swiss based company, as one of the market leaders and best service providers in the ethical hacking industry. If you would like to obtain a free copy of the white paper, please contact Joanna Lewandowska, Corporate Communications, at Joanna.lewandowska@frost.com

http://www.frost.com/prod/servlet/market-insight-top.pag?docid=258431092


See previous articles

    

See next articles


Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts