In a recent Dark Reading event, Censys’ Alex Smith, a senior IT systems engineer, joined a panel of fellow experts to discuss trends and best practices for your business to thwart attackers. Alex explains that there is both a technological and people component to preventing a sophisticated attack from occurring. Much like hackers will use both weaknesses in code or configurations AND social engineering to obtain credentials to pull off an attack, companies should see their prevention strategy as two-prong.
A strong security culture paired with reliable, consistent monitoring of external-facing assets will keep attackers at bay, or at least at the lowest levels of your company’s IT systems. Your people should be trained year-round to spot irregularities and feel empowered to report suspicious messages. Further, a security team can only monitor and protect the assets they know exist. Having a reliable and updated database of external assets and existing vulnerabilities is essential to maintaining a secure attack surface.