Who should be doing the snooping?
A while back I saw an interesting ad on television for a home security system. What made this security system unique was that it had cameras on the inside and outside of the house that allowed you to monitor what was going on when you were not there. It even allowed you to speak to the intruder to let them know you are watching, the theory being that they will stop or go away if they know they are the ones being watched.
This is a clever take on an existing security idea, and many in the cybersecurity industry have developed their own version of it. It is a group of technologies that not only snoop for hackers and cyber criminals, but also extend to things like trapping the hacker in a safe space away from your data and even letting them know they are being watched and trapped.
Who Is Snooping Who?
In fact, if a cyber criminal knows that you are watching them, there is a greater likelihood that they will go somewhere else and find an easier, softer target. I will cover this in detail in my upcoming book, “One False Click: How to protect yourself in the coming cyberwar.” Remember, our goal is not to be perfect in our cybersecurity defense; it is to be better than the other possible targets, forcing the hacker to go somewhere else. We talked about this here. We want to be the hard target, not the soft target. This will take a little effort, but it is within the bounds of today’s technologies if supported by the correct processes.
When we think of snooping on the internet, we normally think of cybercriminals snooping through our private or sensitive data, and this is true. But it does not have to be like this. We can be the ones doing the snooping too, and I highly recommend it as a part of your cybersecurity strategy.
How Do We Snoop?
This is easier than you may think. Snooping on the end user side is a perfectly legitimate exercise and should be conducted on a regular basis by your cybersecurity support, be it in-house or contracted via a security provider. You should be demanding a complete surveillance solution covering inside traffic as well as traffic attempting to enter your facilities. This surveillance should be ongoing and persistent. Here are a few guidelines to keep in mind, some of which were discussed in this post:
- Make sure to monitor real-time traffic, and log it for study later.
- Make sure this information remains confidential and does not contain user information such as passwords.
- There should be an ongoing reporting exercise so executives are getting a summary.
- The technologies used should be a recent model, 3 years old or less.
- All people operating this technology should be up to date and certified.
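The first three guidelines can be combined in one small step of the logging pipeline. The following is an added example, not part of the original post: it scrubs credentials from captured traffic lines before they are stored and counts how many lines needed scrubbing, which can feed the executive summary. The field names, log format and sample lines are assumptions constructed for illustration.

```python
import re
from collections import Counter

# Field names treated as secrets (assumed list; extend it for your own applications).
SENSITIVE_KEYS = ("password", "passwd", "pwd", "token", "secret", "api_key")

# key=value pairs as they appear in query strings and form bodies.
_KV = re.compile(r"(?i)\b(" + "|".join(SENSITIVE_KEYS) + r")=([^&\s]+)")
# Credentials carried in an Authorization header (Basic, Bearer, ...).
_AUTH = re.compile(r"(?i)(authorization:\s*\w+\s+)(\S+)")


def redact(line):
    """Return the line with credential values replaced by a fixed marker."""
    line = _KV.sub(lambda m: m.group(1) + "=[REDACTED]", line)
    return _AUTH.sub(lambda m: m.group(1) + "[REDACTED]", line)


def process(lines):
    """Redact every captured line; count totals for the summary report."""
    stored, stats = [], Counter()
    for raw in lines:
        clean = redact(raw)
        stats["total"] += 1
        if clean != raw:
            stats["redacted"] += 1
        stored.append(clean)  # only the scrubbed form is ever kept
    return stored, stats


# Constructed sample traffic lines (not real data).
SAMPLE = [
    "10.0.0.5 POST /login user=alice&password=Hunter2!",
    "10.0.0.7 GET /report?id=42",
    "10.0.0.9 GET /api/items Authorization: Bearer abc.def.ghi",
    "203.0.113.4 GET /reset?token=9f8e7d&next=/home",
]

if __name__ == "__main__":
    stored, stats = process(SAMPLE)
    for entry in stored:
        print(entry)
    print("lines logged:", stats["total"], "| lines with secrets removed:", stats["redacted"])
```

A rising count of redacted lines is itself worth reporting, since it shows where credentials are travelling in places they could be captured.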
This type of strategy should fit right into your layered security strategy and will stand you in good stead moving forward. Remember, you do not have to be an engineer or a security expert to understand these requirements and to enforce them within your organization. This is perfectly achievable within any non-technical organization with the right help.