THINKING LIKE A HACKER TO PROTECT YOUR NETWORK
Vicki L. Ware
American Military University at Wheeling, WV
A network security team’s main goal is to lock down the network tight enough that hackers have a harder time trying to access the network. But leaving enough room that users can actually accomplish their jobs. One favorite network security outlook is to deny everything and then we won’t have to worry about hackers. Unfortunately that also eliminates the user’s ability to access the tools and information needed to completed their jobs. So how can network security teams accomplish their goals while allow the right amount of access needed for users to function. That is one of the key in itself, what is needed by their users to accomplish their job. Once these requirements are identified then the job of locking down the network can begin and be more effective. When trying to lock down and protect a network the network security team can concentrate on various aspects of the network, such as loss prevention, fraud prevention, loss of users and or customers Personally Identifiable Information (PII). This paper will concentrate on the security manager, protecting the network infrastructure, insuring integrity of information on the network and user education.
The Security Manager in the corporate world is known as Chief Information Security Officer (CISO) for those who are exclusively information security focused. (Slater, 2005) This title is more prevalent in the commercial sector than government sector with most government sectors referring to this person as the Information Assurance Manager (IAM) or an Information Assurance Officer (IAO).
The CISO and IAM are both charged with the same type of duties, that being the responsibility for the organization’s entire security posture, which includes both physical, personnel, technical, administrative, operations and information. These positions can...