Technological advances have made the job of information system auditors, risk managers and governance and security professionals difficult. The traditional mindset of applying controls to never-ending security and privacy issues is no longer enough. In order to counter and beat the adversary, you need to think like the adversary by attempting to understand your own weaknesses and the motivations of adversaries and the networks they operate on.
Pre-program Your Mindset
A shift in the security and privacy mindset starts with each individual. It is a multi-step process involving technology and non-technology solutions. A well-rounded security professional needs to have robust knowledge of advanced technologies, including dark web concepts, and be able to apply security based on facts and secure thinking.
Getting a foundational knowledge of the dark web starts with learning more about popular gateways such as Tor, ZeroNet, Freenet and I2P. This is an introductory list to help traditional thinkers begin to think like the adversary. Gaining knowledge of these advanced networks provides a unique perspective on audit, security controls implementation and governance, or lack thereof, and it can help security professionals think about how to build resilient networks.
Ready, Set, Go
The secure human behaviors journey starts with each individual and is a simple two-step process. First, know where you are vulnerable. Second, know what you are vulnerable to. The assessment process can be simple; however, adapting the assessment as part of one’s daily routine takes time to master. Once assessed, apply controls to strengthen your security.
In order to make impactful contributions to the security profession, it is beneficial to shift your mindset and learn about advanced topics including the dark web and the role of secure human behaviors. Learning about the dark web provides a unique perspective to computing environments. Securing behaviors and making fact-based decisions will lead to better humans and security professionals.
Editor’s note: For further insights on this topic, read Babur Kohy’s recent Journal article, “The Dark Web and the Role of Secure Human Behaviors,” ISACA Journal, volume 2, 2021.
Don't forget—Members can earn free CPE from ISACA Journal quizzes!