Red Tiger Team Simulation
Organisations are continually investing in protecting and defending against substantial online threats. Significant levels of IT resources are being invested into costly technology aimed at protecting against these new threats.
Unfortunately, many of these investments fail to understand the methods of an external attacker and as a result fail to prevent a system breach. An external attacker has a number of advantages over an organisation including:
- Visibility - An organisation does not know when, how and from where an attack may originate from the and method which will be utilised; and
- Resources – Many external threat actors have significant time and resources available allowing them to try multiple methods over a longer period of time.
Organisations are not entirely defenceless against these external threats and can deploy a number of measures including:
- preventative measures (e.g. regulation/compliance, security controls, business continuity, secure coding);
- curative measures (e.g. incident response, digital forensics, data loss prevention); and
- pro-active measures (e.g. penetration testing, security assessments, security awareness).
These measures are generally effective against most traditional threats; however, they are not sufficient to prevent a determined attacker using more modern attack methods. Despite all security measures implemented by an organisation, with significant time and resources a threat actor is often able to identify the weakest point in the systems defence and exploit it.
Organisations need to be ahead of external threats by being the first to identify these weak points. Traditional security assessments such as penetration testing focus only on a portion of the organisation, whether it be a specific application or the digital perimeter of the organisation. Feisty Fox Security believes that proactive security must be improved and extended to the entire organisation and performed periodically to ensure protection from an ever-changing threat environment.
