Understanding 'bad guys' key in cyber warfare

Issued by
Johannesburg, Jan 9, 2013

It has become more important to understand what cyber criminals are doing in order to protect networks.

So says Dominic White, CTO of SensePost and member of the ITWeb Security Summit technical advisory committee, who points out that offence-oriented defence has become key in the battle against cyber crime.

[Sidebar]This, he says, will be a major focus of this year`s ITWeb Security Summit - SA`s major annual information security conference and expo. White says previous approaches to security management have included compliance-oriented, information-oriented, or vulnerability-oriented approaches.

“But it`s clear that right now, companies are suffering breaches from `bad guys`, who aren`t necessarily using new techniques. It is important to understand what they are actually doing by analysing what exactly takes place after the initial breach. We want to understand them better, get under their skins and look at their techniques, motivation and targets,” he says.

Key talks will focus on an intruder`s typical movements after a breach, how to go after them and what steps to put into place to protect critical systems and data.

In line with this, White will speak at the IT Security Summit on offence-oriented defence, outlining penetration testing findings on what slowed researchers down and what protection measures did not.

In addition, says White, the event will aim to bring to SA the year`s best information security talks from around the world, with a number of top international speakers set to fly to SA to address the conference, alongside local experts.

The event will also focus on current information security headaches such as BYOD and managing security in the cloud as cloud computing matures.

“In South Africa, we are seeing increased fragmentation in approaches among IT security managers,” says White. The Security Summit will aim to address their varied concerns and highlight the range of approaches and tools available to mitigate risk.

The ITWeb IT Security Summit 2013 will be held from 7 to 9 May at the Sandton Convention Centre. For more information about this event, click here.

Story by Tracy Burrows