From CISO to suspect: IT professionals and Hacking
When hackers strike, the focus is on damage control and securing systems from being breached further. But, we often forget about the role IT professionals play among the madness and mayhem that occur when your information security is being targeted. When the chaos has died down, everyone wants to know how it happened in the first place and, most importantly, who to blame.
This is when IT professionals are put in the spotlight. The consequences of a successful hack tend to fall upon the IT departments, sometimes “soft targets” if you will, because they’re generally always in direct contact with hackers. Keep reading to find out more about why IT professionals can easily get into trouble following a hack, as well as what they can do to protect themselves both personally and professionally.
CISOs Can Get Fired (Or Worse) Over a Security Incident
When faced with the challenge of an imminent hack, the response and immediate steps taken by IT professionals, especially organization security leaders such as CISOs and CTOs, are of utmost importance. Not just to safeguard the company’s systems, but also to protect their career. The most common consequences for an IT professional who hasn’t reacted to a hacking incident in an appropriate manner are job loss and charges being brought against them.
What happens when their responses appear to be “questionable”? For Example, is the case of former Uber chief security officer Joe Sullivan, Sullivan was involved in paying hackers $100,000 in Bitcoin after they stole 57 million Uber customers’ information. Consequently he was fired and charged with obstruction of justice and concealing a felony when the firm’s new CEO found out. He is not the only one. In their 2018 State of Web Application Security report, Radware reported that 23% of companies had executives fired in relation to an application attack.
It may seem like all doom and gloom for IT professionals and chiefs of security when hackers infiltrate the systems they’re responsible for protecting. Yet, according to a study by Goldsmiths University of London and Symantec, 26% of IT security pros who had experienced a breach reported that they were less likely to feel stress about their job. Sometimes, the fear of an event is more terrifying than the danger itself. But what about the dangers you don’t see coming?
The Dangers of the White Hat World
It goes without saying, hackers are pretty smart people! They prey on your emotions and make sure their every move is planned out carefully. That’s not a good thing for IT professionals who are at risk of playing into the hands of hackers. A somewhat unassuming, innocent comment made with the right intention while communicating with a hacker can be easily misconstrued. This is where IT professionals can put themselves at risk of being blameworthy.
But even while staying on the right side of the fence, in the white hat world, the lines can get blurry very fast. Dealing with hacking means dealing with hackers, and that’s a danger in itself. This is particularly the case for IT security consultants who operate as bug bounty hunters and are often faced with the zero-day exploit market. In this world, coding experts track and share vulnerabilities, along with commercial offers, with companies at risk as part of efforts to help secure their environment.
IT Security Consultants in the Grey Zone
In such an environment, it’s sometimes hard to distinguish ethical behaviors from darker tactics. From white hat bug hunters pressuring a CISO for a paid mission to get back to safety, to black hat hackers selling their findings to the highest bidder, pardon the pun but it’s really sometimes just 50 shades of grey. If you fancy a career in this line of work, make sure to always bring an impeccable record and attitude to avoid being the next self-proclaimed ethical hacker in jail.
It’s not all that fun out there for white hat hackers either. Take the case of white hat hackers Justin Wynn and Gary DeMercurio, for example. They were authorized to carry out a professional penetration test by the state of Iowa, which had signed a contract with Wynn and DeMercurio’s employer, Coalfire Labs. Only then, they were arrested by the sheriff’s department, charged with trespassing and felony burglary, and left to defend themselves amid a high chance of prison time. This illustrates how being the good guy can be a matter of perception in this intrinsically complex world of IT security.
Negligent It Professionals Can Face the Brunt, Too
You don’t have to be a CISO, or a renamed IT security consultant, to get into trouble over a hack. Even regular IT managers are at risk of getting sacked if they don’t take the necessary steps to ensure their firm’s IT security is in place. What steps can they take to safeguard their system?
1. Shadow IT
Shadow IT refers to the use of IT systems, devices and softwares that aren’t explicitly approved by an IT department. An example of shadow IT is using your personal email account to conduct business. Shadow IT is a growing pain for IT professionals as it prevents them from maintaining secure environments.
To identify and manage shadow IT, IT managers can:
- Monitor their network for new and unknown devices.
- Prioritize risk by blocking high-risk services via your existing infrastructure or asking users to refrain from using them.
- Create a list of approved software and applications beyond the standard issue software and share it with all employees.
- Offer alternative solutions to software products that have been blocked or banned.
- Restrict access to third party applications, such as SharePoint and DropBox
- Offer users of Shadow IT amnesty, and develop and implement a safer solution.
2. Email Ecosystem Security
Phishing attacks are one of the most common forms of hacking at present. IT managers can protect their systems from the threats of business email compromise by using a trusted source like EasyDMARC. EasyDMARC offers domain protection and tools to monitor every aspect of your email authentication. By authenticating and protecting their DMARC, SPF, BIMI and DKIM records, IT managers access powerful and effective protection from phishing attacks.
By making use of EasyDMARC’s services, you can:
- Prevent data leakage
- Protect your company against financial loss
- Prevent customer loss
- Secure your email accounts
3. System Updates
Using patch management is a great way to ensure that your systems are never outdated and that any security flaws are fixed, thereby preventing hackers from exploiting them. Your CISO will thank you for that ! This process focuses on mitigating risk and it involves the acquisition, review, and deployment of patches, which are pieces of software code, on your company’s systems.
By using patch management, you can:
- Reduce the attack surface to minimize your exposure to cyberattacks.
- Improved productivity because all your applications will have the latest updates.
- Prevents types of malware that can spread through a network fast.
- Identify whether any of your software vendors are no longer in operation.
IT Professionals Don’t Wait for Hacks, They Prevent Them
It’s in the best interests of all IT professionals to do everything they can to protect their company’s systems. From CISOs to IT managers, this isn’t just important for the firm’s wellbeing, but also for the safeguarding of their jobs. If you’re an IT professional, remember to check out these three protection methods and software:
- Monitoring shadow IT.
- Securing your email system with the likes of EasyDMARC.
- Update your systems using processes such as patch management.
And if you are specifically working in the twilight zone where IT pros go into the digital trenches to detect and fight hackers, be sure to always be irreproachable on what you do and why you do it. Getting hacked isn’t a nice experience, and chances are, there’ll be a lot at stake if you fall victim to a hacker, or if you end-up are tangled in a complex hacking case. So, make sure you’re vigilant, exercise caution when communicating with a potential hacker, and always be protected!