Cyber Security and Social Engineering – A True Case Study

Thursday, August 01, 2013

Jon Stout


A well-respected cyber security expert recently released an article extolling the virtues of board-level support in the cyber security process. This article highlights the necessity of full commitment from the board of directors to perimeter protection and, equally important, the need for robust human firewall protection against social engineering cyber-attacks.

Board approval is a necessary prerequisite to total corporate culture commitment.

I have personal experience with the importance of an aggressive board of directors in combating cyber intrusions into a corporate network.

In the year 2000 as head of an investor group, I purchased a controlling share in a federal government services provider called Hadron Inc. We subsequently purchased another company named Analex and merged the two entities. I assumed control as Chief Executive Officer and Chairman of the Board of Directors.

Both entities were problematic and required a significant effort to turn the entity around and make it profitable. In addition, the company had shares that were publicly traded and regular board meetings were required.

Our contract base was the Intelligence Community and all of our staff required high-level clearances. In addition, we had a SCIF for handling sensitive classified documents and developing classified software. The company also had a substantial investment in a biological warfare and counter terrorism unit that developed protocols used in the event of an anthrax attack.

As soon as we took control we discovered attempted penetration into our unclassified and classified networks. We immediately specified, purchased and installed the latest in firewall protection and the attacks diminished but did not stop. Viruses and malware were frequent visitors to our networks. Given the sensitive nature of our relationship with our customer base, we risked catastrophe unless we took action.

After a review with our network administrators and human resources department, we learned that much of the continuing trouble came from errors made by the network users. Flash drives were everywhere, and unauthorized web surfing and mishandling of information were major problems. As a result, we developed, presented and passed a plan with the board of directors that addressed the problem of what we now know as social engineering:

  1. A comprehensive graph of our networks was developed that included all devices on all networks, their IP addresses and users by name.
  2. We ran a study of all hacking problems stemming from human error on the networks.
  3. We formed a Tiger Team to identify the source of the attacks and those employees who were using unsafe practices. This Tiger Team had the responsibility to establish and enforce best practices.
  4. We set up periodic all-hands meetings to educate the employees on best practices and how to avoid social engineering threats. Included in this training was information on how to respond to an attack.
  5. We advised all users of the networks of the necessity of following best practices and included best practice goals in each employee's compensation plan.
  6. Lastly we established a protection budget to allow the Tiger Team to function and constantly upgrade cyber protection.

Eventually we got a truly proactive plan in place that was effective. But the threats were constantly changing and becoming more sophisticated. It took a great deal of human and financial resources to build what is now referred to as a human firewall and we had a difficult learning curve to overcome.

Now, however, there are powerful integrated dashboards that can be installed and modified to meet each user’s particular needs. Now a company can create hundreds if not thousands of employee cyber warriors with a relatively small investment.

We had to learn the hard way, but because the board was supportive and we had good people and a focused plan, we controlled the threat. It is far easier now, however, with the right technology and corporate commitment from the board of directors.

About the Author: Jon M. Stout is Chief Executive Officer of Aspiration Software LLC. Aspiration Software LLC is an Information Technology/Cyber Security services provider focused on the Intelligence Community (IC).

addie baldric: Learned that much of the long-term trouble came from errors made by the network users, finally got a really proactive plan in place that was effective.

frankiejean jean: I am reading your blog. This blog is amazing and your blog topic is excellent. Thanks for sharing this interesting blog.
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.
