
We've established that the hacker has only one objective, getting into
your network. It doesn't need to be clever, and it certainly doesn't need
to be sophisticated. The attack just needs to work.
Threats Against The Organisation
To counter any threat, the ECSA needs to carry out a security assessment, covering areas such as:
In this way, by exposing a "hole", or vulnerability, in a network, it is the role of the Certified Security Analyst (ECSA) to determine the "fix", or countermeasures, and to mitigate risks to the security of the infrastructure. By the very nature of this work, the ECSA uses more advanced ethical hacking techniques.
At a fairly basic level, the ECSA may simply recommend user education, as some issues may be avoided just by telling users what not to do, what to avoid, how to detect an attack, and when they should call for help. It could be time well spent, as experts consider that the easiest way to penetrate a network is through the users.
Security assessments support informed decisions about resource allocation, and about managing potential security risks and addressing them proactively.
Protection Against Threats
The need for security is fuelled by the need to protect data, together with the applications and infrastructure that support this most valuable of an organisation's assets. Whilst the internet provides access to global markets, and therefore potentially unlimited customers worldwide, it brings with it the need to protect data, applications and infrastructure against sabotage, malicious attacks or fraud.
Providing Secure Access
Customers forming part of a supply chain are required to forge links, and share information, with business partners, customers and suppliers. In so doing there is an implicit need to grant access to outside organisations, which demands access control solutions to protect the organisation's valuable assets.
The need to control access is not limited to external users, and equally applies to employees working remotely; for example, representatives, home workers, those working from hotels, etc.
An assessment in this area therefore addresses the issues of access and identity management, and is likely to consider:
Security Performance Reviews
Security is an ongoing process, with a need to monitor and review procedures on a periodic basis.
In addition to auditing existing policies and procedures, the objective of proactively protecting an organisation's resources may mean that security procedures are adapted to meet changes in either the internal or external environment. Changes may also be required to meet regulatory compliance.
CVSI offers the services of a Certified Security Analyst to help identify weaknesses in your defences against unauthorised access. CVSI holds internationally recognised credentials awarded by EC-Council.