Security in a small or medium-sized business can be a balancing act. Most likely you don’t have the same resources as a large organisation, but you still need to keep your data, employees, and clients safe. And until you get breached, how can you be sure that they are?
The answer is to put your security to the test with a red team.
What’s a red team?
Taking its name from US military war games, red team security testing involves hiring external “white hat” (good guy) hackers to simulate how an attacker would try and get into your business.
This is a vital way of understanding your real-world security posture. Compared to other methods like penetration testing, red team security testing targets people and processes, as well as just technology, to get a complete picture of your unique weak points and the specific impact of a breach to your business.
Don’t assume you’re not a target for hackers
Just because your business is smaller than some, that doesn’t make you any less of a target for hackers. Cisco's 2018 Annual Cybersecurity Report (and our small business-focused infographic) show that nearly half (46%) of SMBs in Europe, the Middle East, Africa, and Russia suffered a security breach in the past year. For 59% of companies, a breach meant an outage of more than five hours. And a worrying 48% suffered damages over $500,000.
Red Team in action
“We worked with a company in Birmingham that had spent a lot on network security, assuming that if they can’t be attacked from internet, they would be ok. We found that their office Wi-Fi network was well secured, and the guest network was segregated off, which was great. But in the warehouse, they assumed that the only devices on the Wi-Fi would be barcode scanners, and that network wasn’t as well secured. Just by sitting in the car park with a laptop, we could get onto the warehouse network and work our way through to get hold of all their customer data and shipping details.”
This illustrates why an on-paper analysis of your security will never uncover the full picture. Technologies may be in place, but they’re often improperly configured.
Steps you can take to be more secure today
So how can SMBs reduce these risks? Our red team’s advice is to actually test your security to breaking point – either using an external party or on your own.
Think in the real world – and like a hacker
Try and use exploit techniques that a hacker would use – including social engineering. It could be that your greatest weakness isn’t your ageing firewall but the secretary who buzzes visitors through the door without checking ID.
Identify your prize assets
What matters most to your business? What would a hacker target for the quickest reward? It could be financial accounts, client details, or intellectual property. Concentrate on protecting what’s most valuable, because that’s what they’re looking for.
Test your IT systems regularly
Red teams get to know their clients well because they work together often. A regular testing regime should form part of your overall security strategy to validate your posture and provide a roadmap for future improvements.
While full red team engagements can be costly, small and medium companies can benefit from the an Incident Response Retainer. This provides access to some of the necessary testing and prevention expertise to help fill gaps in your in-house skills or processes.
About the AuthorFollow on Linkedin More Content by Ant Newman