As was the case with the widely publicized Target breach, despite investing more than $1 million in sophisticated malware detection and endpoint protection, a successful data breach occurred when adversaries used stolen vendor credentials to gain access. A proper security assessment of an enterprise’s external business operations evinces the increasing role of external partners, suppliers, and service providers impacting the potential compromise of sensitive internal information. Because external relationships such as these are a reality of modern business operations, a proper analysis of vulnerability should examine an enterprise’s security strategy, policies and procedures, and the threat universe resulting from these external dependencies.
In light of recent incidents such as the Target breach and the Heartbleed bug, security remains top of mind for IT professionals. While most security solutions address only cyber-based threats, organizations need a more proactive and holistic approach to find, fix and protect potential vulnerabilities and reduce the likelihood of a security incident. In this slideshow, Armond Caglar, senior threat specialist at TSC Advantage, presents the six domains that every organization needs to examine to reduce risk.