written by: Finn Orfano•edited by: Bill Bunter•updated: 5/5/2010
Andrew Witaker, Keatron Evans and Jack Voth, the authors of
Chained Exploits: Advanced Hacking Attacks from Start to Finish discuss the digital dangers faced by business in the 21st century
slide 1 of 1
What are the dangers of advanced hacking? Andrew Witaker, Keatron Evans and Jack Voth, the authors of Chained Exploits: Advanced Hacking Attacks from Start to Finish offer their insight to the new dangers facing business computer users in the 21st century.
In our first part in this multi-part series we talk to Andrew Witaker, Director of Enteprise InfoSec and Networking for TechTrain where he performs penetration tests and teaches ethical hacking and Cisco courses. Andrew has been working in the IT industry for more than 10 years, specializing in Cisco and security technologies, and has performed penetration tests for numerous financial institutions and Fortune 500 companies.
Bright Hub: What is the state of corporate network security? Are businesses, especially small and medium sized enterprises really doing enough when it comes to security?
Andrew Witaker: Security professionals today are caught in a never ending cycle of securing networks. As soon as a safeguard is put into place to protect against a threat, a new threat emerges. Security professionals need to recognize that our work is never finished. In today's world, there are more ways to compromise a network than ever before. With phishing scams and other social engineering schemes at an all time high, security professionals need to be vigilant to both understand how these threats work as well as train their users.
Small and medium sized businesses are especially at risk because they often do not have the budget to protect against attacks. Small business owners often say, "Why would anyone attack me?" While it is true that small businesses may not be as attractive a target to exploit as a large enterprise from a financial perspective, they are attractive from the perspective of using small business networks as launching pads for further attacks. All networks need to be educated in how these attacks work and how to mitigate these threats.