
Tenable Blog


Security Issues That Deserve a Logo, Part 2: Subversion

During the past year, a new trend in security experienced a meteoric rise, with headlines in both the mainstream and tech media, simply because vulnerabilities were marketed with catchy names and logos. In this blog series, I share with you critical security issues that haven’t captured the media’s attention, but that deserve serious discussion.

What is your biggest security issue?

When talking to senior security leaders in an organisation, one of my favourite questions to pose is “What is the biggest security issue you currently face?” The responses vary wildly depending on the maturity of the company, geographical region, current issue du jour being discussed at conferences, or just their plain old bias. However, the common theme often centers around a particular nation state, an interesting emerging threat vector, a lack of buy-in from the business to solve the problems faced, and compliance crushing their ability to do what is right rather than what is mandated.

Subversion

One of the most surprising responses I received recently was from the Head of Risk and Compliance at a bank in the Middle East. We started chatting after we both delivered presentations at a conference, with his covering the important and interesting issue surrounding the communication of risk to the business. After the usual ice breakers, I went ahead and asked what his biggest issue was, interested to hear his perspective. Rather than going for the more expected range of answers, he caught me off guard with an eloquent rant that led to my next security issue that deserves a logo and catchy name: Subversion.

Insider threat

With the workforce in his region—often transient and frequently from outside the host country—he had experienced multiple issues with several staff being bribed for information. It seems that the technical controls his team had put in place were circumvented by a well-placed $10,000 investment in a disgruntled or apathetic employee. Have you spent $250,000 on firewalls? That can be easily circumvented by persuading the right person to install a small bit of code for a wad of cash that would be difficult to walk away from. Do you have the latest and greatest encryption and DLP to protect your data? A $1,000 back-hander to the cleaners could buy a surprising amount of information printed on old school paper.

Insider threat is a well-known problem that many professionals face, but is often seen as less of a priority with the mindset of border defence and defending against outsider threat still getting more focus. It’s not surprising; we are constantly hearing about another cybercrime gang plundering millions from unsuspecting businesses via the latest zero day rather than the more sensitive and trite issue of corporate espionage, but it doesn’t make it any less important or likely to occur.

One of the first lessons I learnt in information security is that attackers won’t use a sledgehammer to crack a nut; they’ll use the easiest and cheapest path to achieve their goals. Why risk the discovery of a previously undisclosed and valuable vulnerability to gain a foothold in an infrastructure when someone is willing to give up access for a smaller price? In fact, why use a valuable vulnerability at all when there are probably many already disclosed and unpatched issues waiting to be exploited? But that’s a rant for another day.

Safeguards

There are technical and physical controls to mitigate many of the problems caused by Subversion: continuous monitoring for unexpected and anomalous behaviour, secure shredding solutions for paperwork and clean desk policies, and siloing of data so that it is visible only to those who should have access. But mindsets have to change from a border-centric security approach to a data-centric perspective. Otherwise, Subversion could easily be leveraged to spirit away corporate secrets and customer information, something that I think is worthy of a logo and a catchy name.

In my next blog, I’ll introduce you to EagerBeavers.
