I came across this article that discusses how information security professionals should be adding a data-driven approach to complement other techniques while attempting to mitigate the risk of attacks. Traditional defense preparation such as penetration testing is great for identifying specific weaknesses and exposures, but there can be more creative and proactive ways of finding which parts of your network are attracting potential hackers.
The author mentions that malicious hackers may be using rapidly changing techniques and advanced tools, but they are using these tools with the same strategies and motives that have allowed them to analyze a target network and develop solutions in the past. If we can analyze our own networks in the same way that a hacker does, it can allow us to focus on key weaknesses.
It’s also interesting that the article mentions that organizations are beginning to task additional teams, alongside penetration testing, with the role of analyzing the tactics and thinking process of the penetration testers. By reviewing this analysis and data, you can possibly uncover thinking or trends that a malicious hacker may come across but that the penetration testing perhaps missed.
http://www.darkreading.com/analytics/the-new-security-mindset-embrace-analytics-to-mitigate-risk/a/d-id/1326812?
Wade Mackey says
Agree with the article, but this can be a hard sell to security-minded operations. How much access do you grant to the data store? What data do you scrub? Each step that limits risk also limits effectiveness.