SOAR Platform / Blog / The Mind of a Hacker – What To Know About Cyber Risk

The Mind of a Hacker – What To Know About Cyber Risk

Members of SecOps teams all across the globe gear up for war every day when they show up for work. With the current climate of the cybersecurity world, many insightful tips can be taken from a book written approximately 2,500 years ago by the Chinese military strategist Sun Tzu. “The Art of War,” Tzu’s widely recognized book, highlights the importance of filling the shoes of your enemy to be successful in battle. His advice is particularly pertinent for those who go to war every day against network hackers and other cybercriminals – and thus need to tap into the mind of a hacker.

Why think like the hacker?

With new threats popping up by the minute, it is no longer enough to merely respond to them as they happen. Defeating hackers requires getting into the mind of a hacker and the ability to anticipate their next step. You must go into the mind of a hacker to identify where your organization has vulnerabilities.

There are several advantages to thinking like a hacker and keeping your company protected from the next threat.

  • You’ll be more familiar with your organization’s threat surfaces. Thus, you’ll begin to anticipate the holes a hacker might find within your organization.
  • While thinking like the hacker, you can begin to highlight what information they may target, whether it be monetary or otherwise. This will allow you to enhance the defense on those sets of data to ensure security.
  • After identifying your highlighted information, you can begin to develop a profile of who would target that data. For example, credit card data would be more attractive to the hacker looking to make a monetary gain rather than a group of hacktivists. Likewise, government data would most likely attract hackers from foreign governments. Knowing the profile of the group you may be baiting gives you a better understanding of the threats you may face ultimately allowing you to plan the steps necessary to secure company data.
  • Your efforts can help you conclude that someone has already tapped into your organization. Unfortunately, many security breaches go undetected for prolonged periods of time. The longer the breach goes undetected, the longer those hackers have to steal information, which results in higher remediation costs.
Incident response plans

Despite the growing need, not every organization is prepared to respond to a cyber attack. The first step is to put together an incident response playbook; this is akin to a building’s evacuation plan in case of a fire. The playbook should tailor to the specific threats that your particular organization will attract. Tips on how to develop a reliable playbook can be found here.

The response team will be responsible for a variety of different tasks. Some tasks must be completed before an attack, while others will need to be handled during and after an incident. Have team members conduct regular drills to test and enhance emergency preparedness