Security Assessment basics

10/28/2019

 

By Bradley Wolfenden

As we land in the final quarter of Calendar Year 2019, highlighted by October and the 19th annual Cybersecurity Awareness Month, the team at EmberSec has drafted a breakdown of the basics of security assessments to make them more accessible and applicable to your business. While we all know that building cybersecurity awareness and implementing best practices are much more than a month-long mission, October reminds us that each and every one of us needs to do our part to make sure that we keep our online lives safe and secure.
 ​
What is a Security Assessment?
The Internet has become the backbone for capitalism across the globe, and with this digital transformation data has eclipsed oil as the most valued commodity around. This means one thing: no business is too large or too small to become the target of malicious cyber activities. As the world turns toward cloud-native technologies, analytics, e-commerce, Internet of Things (IoT), and other third-party services that introduce new zero-day vulnerabilities and expand the threat landscape, the integrity and confidentiality of transmitted data (i.e., electronic Protected Health Information, or ePHI; Personally Identifiable Information, or PII; and corporate private data) must be a driving factor in your decision-making processes and overall security strategy.

When done effectively, security assessments provide a complete picture of an organization’s cybersecurity posture and plan. In short, this includes the identification and assessment of all assets within the network environment and defines key security controls to be implemented in order to prevent misconfigurations, limit risk(s), and expose blind spots.
 
Why Security Assessments are a MUST for Businesses of ALL Sizes
  • The U.S. National Cybersecurity Alliance found that 60% of small companies are unable to sustain their businesses over six months after a cyber-attack.
  • Per the Ponemon Institute, the average price for small businesses to “clean up” after their businesses have been hacked stands at $690,000. That number for middle-market companies is over $1 million.
  • Small and mid-sized businesses are hit by 62% of all cyber-attacks, approx. 4,000 per day, according to IBM.

The idea that only the largest and most established companies are at risk of being compromised is one of the great myths in cybersecurity. In fact, the reality is that given their size, lack of skilled staff, budget restrictions and the frequent absence of a response plan, small and mid-sized businesses are “low hanging fruit” for cyber criminals.  

Whether your IT security strategy relies solely on installing anti-virus software, firewalls, and encryption technology, or you have a robust set of security controls in place, regular security assessments are critical. Not only will they help to build a culture of security in your organization, but they also provide better insight into internal training needs, capture existing gaps and potentially harmful vulnerabilities in your network, ensure compliance with industry regulations, and offer suggestions to improve your security best practices and resiliency.
​
How EmberSec Can Help
Driven by a passion for being on the front lines, EmberSec delivers cybersecurity services and solutions designed to defend your enterprise now and protect it for the future. Our cybersecurity team is made up of engineers and operators with decades of expertise in the fields of threat emulation and neutralization, security infrastructure development, and cyber risk analysis, providing a full spectrum portfolio of technical and managed offerings.
​
At EmberSec, our Security Assessments are customized to best reflect your business needs and goals, and designed to accurately evaluate existing risks. After the assessment is performed, EmberSec breaks down the discovered gaps and vulnerabilities into levels of severity and defines the potential damage should they be exploited. This newfound knowledge empowers the customer to make more informed decisions, better allocate resources, determine tooling and training needs, and implement innovative solutions.
  • Overview: The planning phase of a Security Assessment determines the scope of all operations to be performed.
  • Internal Recon: This includes enumeration and the identification of networks, hosts, and users.
  • Vulnerability Discovery: Vulnerability scanning finds exploitable conditions and allows for manual investigation efforts.
  • Exploitation: To demonstrate impact, exploits are delivered to circumvent vulnerabilities and security controls.
  • Post-Exploitation: After successful exploitation, information is gathered and exfiltrated, lateral movement is performed, and enumeration establishes persistence.
  • Reporting: A complete synopsis of discovered vulnerabilities, broken down into levels of severity.



The age of digital transformation means it is no longer enough to simply be IT-literate. Now more than ever, individuals and organizations alike must become CYBER-literate to combat the invasive and persistent nature of today’s cyber threats.
To get started in assessing your cybersecurity, learn about our technical services offering.