Staying Ahead of Cybercriminals Through Cyber Testing

Today’s organizations face an ever-increasing number of cyberthreats, different kinds of breaches and more damaging attacks. Combatting the threats requires companies to build more robust defenses and deploy a wide range of tools. One tool that is often overlooked or misunderstood is cybersecurity testing.

There are three main types of cyber tests that companies can deploy. They all provide the opportunity to find gaps and plug holes in networks, applications and systems before cybercriminals find them and exploit them. Still, effective testing involves a number of steps — from building a clear plan, to getting buy-in, and to acting on the results.

One type of cyber test that companies can perform is called penetration testing. This test simulates a real cyberattack. The goal is to determine if an attacker can get through an organization’s defense system, and if they can get through, to find out how they entered.

A second type of cyber test is called a blue team-red team mission. Like penetration testing, this test also simulates an attack. But the primary goal here is to see how a team reacts to the threat. These tests are typically executed as true to life as possible, with very few people knowing they are tests.

The third type of test is called a tabletop exercise. This is an exercise with a mock drill involving a scenario that is described and discussed in depth by the team. Leaders of the exercise describe the scenario, and then ask members of the group questions such as how they would respond to such a situation, who they would engage with, and what tools would they would use.

In this episode of Cloud Talk, three cyber leaders from Rackspace Technology discuss cyber testing with host CTO Jeff DeVerter to help raise awareness of the tangible activities that businesses can engage in to improve their security posture. This conversation took place in October 2021, during National Cybersecurity Awareness Month in the United States.

Their conversation focuses on the advantages that testing brings, and how companies can leverage this cyber tool by asking themselves these questions:

• What is our goal for conducting cyber testing?
• What should we test?
• Who should be involved in our cyber testing initiatives?
• How long will the test take to run?
• How will we get buy-in from the key players?
• Will our IT personnel really fall for a simulated attack?
• How do we make sure we leverage our findings?

“With cybersecurity testing, you have to be very focused on the goal,” says Brandon Jaster, Senior Manager of Cybersecurity at Rackspace Technology. “What are you trying to achieve? Within that framework, you can be really flexible in how you test.”

After running a test, organizations must study the outcome to see if they achieved their goals. “It’s important to document the test’s objectives and goals so you can go back and see if you met them or fell short,” says Thomas Dowling, Senior Operations Manager at Rackspace Technology. “If you met the goals, what are the next steps? If you fell short, what action plan will you put in place next?”

An important step in any cybersecurity test is to get buy-in from the key players. “If you don’t get buy-in, people won’t take it seriously,” says Karen O'Reilly-Smith, Chief Security Officer at Rackspace Technology. “When people are on board, you can create really challenging scenarios, including something the teams have never faced before. Throw something wild out there and see how people respond. The result will be insight that can be used to make your cyber defenses that much stronger.”

Cloud Talk covers topics like multicloud, digital transformation, containers and Kubernetes, IoT, edge computing, data and more. Episodes are short and sweet — around half an hour — and available from Apple Podcasts, Spotify, Stitcher and anywhere else podcasts can be found.