Announcement

Collapse
No announcement yet.

Intrusion Tests: Good Training v. Looking to get fired?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Intrusion Tests: Good Training v. Looking to get fired?

    I wanted to throw this question out for discussion.

    Do you believe that mock intruder tests are good for sites in testing on how well security is at a particular site or is it just something that can be used to get people fired?

  • #2
    I think it can go either way, depending on the "intruder's" intentions..

    The local nuclear plant's security team does intruder drills on a regular basis, asking outside groups to attempt a breach. They've been doing it for years, from what I've heard. So it must work well for them.
    Corbier's Commandos - "Stickin it to the ninjas!"
    Originally posted by ValleyOne
    BANG, next thing you know Bob's your Uncle and this Sgt is seemingly out on his a$$.
    Shoulda called in sick.
    Be safe!

    Comment


    • #3
      Many technical security companies will perform external threat assessment audits. Part of this is attacking the social and physical side of the information infrastructure... Walking right into the place like you own it with a bag, getting to somewhere nice and quiet, then setting up the laptop and Wi-Fi router and hacking into the system from inside the place.

      One of the twists that we have on this audit is that after its done, we will train the contract/in-house security personnel in how to detect information warfare agents (I love that term) who are attempting an attack from the inside.

      It is NOT normal for two people to be sitting in an empty conference room with a laptop and a network cable. Or worse, a wi-fi router (or anything else for that matter) oddly laying in a hallway or disused cubicle.

      More and more IT firms are learning that there is a physical side to information security that isn't just "put a password on the PCs."
      Some Kind of Commando Leader

      "Every time I see another crazy Florida post, I'm glad I don't work there." ~ Minneapolis Security on Florida Security Law

      Comment


      • #4
        Originally posted by N. A. Corbier View Post
        Many technical security companies will perform external threat assessment audits. Part of this is attacking the social and physical side of the information infrastructure... Walking right into the place like you own it with a bag, getting to somewhere nice and quiet, then setting up the laptop and Wi-Fi router and hacking into the system from inside the place.

        One of the twists that we have on this audit is that after its done, we will train the contract/in-house security personnel in how to detect information warfare agents (I love that term) who are attempting an attack from the inside.

        It is NOT normal for two people to be sitting in an empty conference room with a laptop and a network cable. Or worse, a wi-fi router (or anything else for that matter) oddly laying in a hallway or disused cubicle.

        More and more IT firms are learning that there is a physical side to information security that isn't just "put a password on the PCs."
        Nathan, were you in Tampa when SAC had MacDill AFB?
        Military branches do conduct these exercises as well as other government agencies.
        Nathan you have highlighted an area where we as a security community are just now coming to grips with, the IT and Physical Security divide. Until a chasm to wide to cross. It was a mind-set of which the mind's eye could not fathom. After many serious breechs, physical security has come to the fore. Many IT professionals look upon physical security professionals as the unwashed. That has to change.
        Thanks for your insightful observations.
        Enjoy the day,
        Bill

        Comment


        • #5
          I was put on a post approximately 500 feet from the Main Gate, MacDill AFB post 9/11. The post was commercial, a bank (That shouldn't be hard to find out what it is, the place is huge!), and a credit union at that. We were under Facilities Management, and the FACMAN personnel were all retired AF. Most of the higher ups were also retired military.

          Some of us were authorized to fill in at the post armed, mainly because the FACMAN personnel understood how much trouble it is to remove a level 3 retention holster from your duty rig just to work one post for the night...

          Part of our duties included making the morning coffee. Part of our duties also involved using four repossessed vehicles at each pedestrian entrance as bollards, arranged in a v-formation two vehicles deep, to prevent vehicle-based IEDs from slamming into the facility.

          The reason that this was done was not because the facility was a primary target. The facility's threat level was so high because we were so close to the main gate that the 6th SFS might abandon their gate post to render assistance, or that someone could slip in during the resulting confusion due to the explosion.

          Nothing is more fun than working a post that is basically one giant diversionary target.
          Some Kind of Commando Leader

          "Every time I see another crazy Florida post, I'm glad I don't work there." ~ Minneapolis Security on Florida Security Law

          Comment


          • #6
            Nothing is more fun than working a post that is basically one giant diversionary target.
            Nathan, you and your comrades were the expendables. There should be an nicer way to say that but in reality, that's what you were.
            Enjoy the day,
            Bill

            Comment


            • #7
              I believe that red-team exercises and table top exercises are an essential part of the security training continuum (planning, training, exercise, update... then do it again)

              John
              "People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf." G. Orwell

              Comment


              • #8
                Originally posted by john_harrington View Post
                I believe that red-team exercises and table top exercises are an essential part of the security training continuum (planning, training, exercise, update... then do it again)

                John
                Kudos John, kudos. There is only one thing missing on the part of a lot of folks in this business and that is, a desire to excel.
                Enjoy the day,
                Bill

                Comment

                Leaderboard

                Collapse
                Working...
                X