In our sixth and final part of series on advanced hacking hacks, Jack B. Voth, voice and data network technology specialist and vice president/director of technology services for The Client Server Inc and co-author of the book Chained Exploits: Advanced Hacking Attacks from Start to Finish, concludes by offering insight on what a small business can do when it comes to facing these new threats.
Bright Hub: What advice would you recommend to a smaller business, where there might not be full time IT staff?
Jack B. Voth: Is there time where you believe outsourcing to an IT security firm would be the best option, especially if there is sensitive information that could be compromised? The same advice stands true for any sized business; having appropriate protections in place and then staying current with maintenance processes is the number one priority. Just like the internet allows smaller businesses to operate and compete similar to a larger corporation, those business are now equal targets for Script Kiddie's , Professional Hackers, and botnet operators, cyber criminals seeking identifying and credit card information, corporate espionage and simple revenge. The only thing that changes is the definition of "appropriate protections". All businesses regardless of size would benefit from consulting an outside IT security firm to audit their network systems and assist them with determining "appropriate" security measures, but smaller businesses facing compliance issues such as PCI and HIPAA should always seek the advice of an outside IT security firm. Remember, It is very difficult, if even possible, to audit yourself or your own company. Businesses obligated to Sarbanes Oxley are required by law to obtain an annual audit of their network systems from a qualified, licensed third-party security vendor.
Thank you to Andrew Witaker, Keatron Evans and Jack B. Voth, the authors of Chained Exploits: Advanced Hacking Attacks from Start to Finish, for taking the time to talk to Bright Hub about these security concerns.