In recent years, adversaries have demonstrated that they have the upper hand. Most organizations are in a “reactive” mode, only responding to the attacks that are detected by them or reported to them, without an understanding of their real security posture. Off-the-shelf products are marketed as a solution but do not provide an effective defense and create a potentially dangerous false sense of security. Given this reality, it appears that the traditional information security approach is archaic and has failed to keep up with the changing attack landscape in the 21st century.
SCI believes it is paramount to innovate creative solutions to stay ahead of your competition, i.e., the attackers. We build custom technologies that are designed to counter specific threats that are unique to our clients. These technologies are cleverly integrated into a client’s own systems, infrastructure and intellectual property to optimize protection and anticipate threats. Our cybersecurity approach is proactive, employs unconventional tactics while also providing measurable success in deterring attack and theft.
Attackers are familiar with traditional defenses and countermeasures. For an organization to gain an advantage, it must introduce an unfamiliar or stealth capability that annoys the attacker and forces them to make more moves to attack the network. This will increase the likelihood that they will make mistakes and be detected, as well as provide the means to determine attribution – who and where they are located.
But what if the attackers are successful in stealing intellectual property? Because compromise is inevitable against the best defenses, it is necessary to build-in custom countermeasures, such as embedding a beacon on ex-filtrated data to identify the sources of attack, modifying files so that they are rendered unusable when executed, or embedding code on the stolen data that corrupts the perpetrators’ systems.
In a targeted attack, the attackers certainly know what they are looking for and have devised tactics to compromise the environment as well as conduct the search. What is most important to an organization is detecting and preventing the attack while deterring theft of its crown jewels. With those goals in mind, it doesn’t make sense to conduct a penetration test with less knowledge than would-be attackers, but it does make sense to conduct the test with full knowledge to test the actual security posture of the organization in protecting its most valuable assets.
We scope our penetration testing engagements from the “inside-out”, starting with the crown jewels you want to protect, where they are located and how they are protected. From this perspective, we then try and steal them. This provides the only real results that count – how effective are the security controls in detecting and preventing the theft of the crown jewels?
Security Assessment and Engineering
Firewalls are still an important component of information security, however, long gone are the days when a single firewall protected a company network from the outside world. It takes several comprehensive security technologies acting in concert to provide an adequate degree of protection. In modern networks, it is important to utilize both logical and physical partitioning using firewalls and application-aware technologies. Innovative controls need to be implemented such as blackhole servers to capture beaconing malware, application whitelisting technologies and browsers that are impervious to drive-by exploitation.
Our security assessments take into consideration defense-in-depth and the actual attacks experienced by a broad range of industries in order to provide an effective engineering solution that encompasses proven techniques.