12 things every computer security pro should know

Fighting the good fight takes specialized knowledge. Here's the baseline of what all security pros should know.

Few complex professions change with the velocity of IT security. Practitioners are faced with an average of 5,000 to 7,000 new software vulnerabilities a year. Last year that number was a gobsmacking 16,555. That’s like springing 13-45 new leaks in your defenses every day, day after day, year after year. That’s on top of the tens of millions of unique malware programs that threaten your IT environment each year and all the human adversaries who are also trying to break in.

Amid this deluge of constant threats, a single slip-up could compromise the crown jewels and put your company in an unwanted media spotlight, hurt your revenues, and get people fired.

This is not to say that your team can’t successfully fight back. Of course it can – and will.

Here are twelve things every computer security professional should know to successfully fight the good fight.

1. Your opponents’ motives

You can’t begin to successfully fight bad guys without understanding who they are and why they are after you. All attackers have their own origin stories and objectives, and these two things drive everything they do and how they do it.

Today, the hackers who threaten you do so with serious motives. Most fall into one of these categories:

  • Financial
  • Nation-state sponsored/cyberwarfare
  • Corporate espionage
  • Hacktivists
  • Resource theft
  • Cheating in multiplayer games

Even with today’s bad guys, though, not every attack is the same. Understanding the motive behind an attack is an important key to solving it. Consider the ‘why’ along with everything else you do. That is the best way to determine what type of target your networks present. It might also offer clues on how to defeat your opponent.

2. Types of malware

There are three major types of malware: computer virus, trojan horse, and worm. Any malware program is an amalgam of one or more of these classifications.

A computer virus is a malware program that hosts itself inside of other programs, files, and in digital storage to replicate. A trojan horse is a malware program claiming to be something legitimate to trick humans into setting it in motion. A trojan horse does not self-replicate; it relies on the curiosity of humans to help it spread. A worm is a self-replicating program that uses code to spread itself. It does not need other host programs or files.

It’s important to understand these basic categories of malware so that when you do find a malware program, you can piece together the most likely scenario for how it got into your systems. This will help you understand where to look for the malware's origin and where it is likely to spread next.

3. Root cause exploits

Each year IT security professionals face thousands of new software vulnerabilities and millions of unique malware programs, yet only twelve different root cause exploits allow each of those into someone’s environment. Stop the root cause exploits and you’ll stop hacking and malware. Here are the ten types of root exploits:
