If Krav Maga has ever taught me anything it is the importance of counter-attacks. Of course blocks are effective but a block combined with a punch will give you an advantage you’ll be happy to have in any confrontation outside the dojo. A nice and caring opponent that throws you a punch just where and when you want it is something and the guy on the street is something else.
I was thinking if we weren’t fooling ourselves in a similar manner on issues related to our information security. Do we only prepare for attacks we want to receive? Can we do more?
Back to Krav Maga then for a possible approach; our response time can determine the outcome of the attack. On a similar note, it’s also very difficult to defend yourself against an attack you don’t see at all. On the street you will easily spot a potential threat your instincts will provide you with priceless feedback on most situations, all you have to do is to listen.
When it comes to information and physical security some further measures need to be taken. First of all we need a way to “see” the attack; monitoring the incoming internet traffic can easily give you some clues about the type of the attack. On a second level system and network events can also be helpful keeping in mind that attacks can also come from the inside (think end user).
This again doesn’t do much on its own, you need to have a plan for when an attack is occurs. Same ideas can be extended to the physical security of your company, how do you know no one has entered your offices, data center or warehouse last night?