Why we harden - Linux Tutorial

Hello, and welcome to Cybrary's Linux Hardening course. This lesson is why we harden. I'm your instructor, Corey Holzer, and I'm glad you join me in this journey through Linux security. When this lesson is over, you will be able to describe the realities of the current cyber landscape. You will also be able to articulate and discuss the importance of security in light of the current environment we find ourselves in. Visit any news site or simply scan a news feed and you will find multiple articles discussing the latest security breach or the cleanup that comes after one. No sector is immune and no industry is less attractive to hackers or criminals. The most challenging part for you and I is finding a way to make the organizations we work for less attractive to would-be adversaries and more resilient in the event one of our networks is breached. There is no sign of these attacks slowing down or becoming less difficult to defend against. You have to think if there have been 11,762 attacks in a 15-year period, how long before my network is the next target of some criminals crosshairs? With 86 percent of breaches being financially motivated, the decision to spend $170 billion on security seems to make all too much sense. Breaches are on the rise, as shown by the figures here, and there is no reason to think these attacks will slow down or even stop. Personal data is currency for hackers and criminals, and its loss means millions of dollars of loss value for companies. Even two or three attacks in one year could bankrupt a small to mid-sized company. Worst part is, these criminals are smart and patient. In some cases, they can gain access to a network for a year or more before they're even discovered. Historically, hackers sought to break into websites and businesses and leave a very obvious and public display telling you that they had been there. Today, not so much. They will lie nearly dormant inside a network until they find a desirable data, and then slip the data out without tripping any active network censors. Then they go dormant again until the next piece of attractive data is revealed. We harden our networks in order to be less vulnerable and to make it more difficult for hackers. To apply the money analogy, we try to make attacking our networks too costly and to lower the hacker's return on investment. Human errors will happen. We are human after all. Hardening ensures the effects of those errors are kept to a minimum. When the military deals with an adversary, they try to assess what are the enemy's most likely and most dangerous courses of action. As security professionals, we need to think along the same lines, and when we are talking about protecting our networks and systems against adversaries, we need to think about the most likely way an adversary will try to infiltrate our systems. We must also identify which systems within our network would result in the greatest harm, should the hacker gain access to it. In the information age, we find ourselves in the most valuable assets a company has. Other than its employees, are its information systems and the intellectual property therein. So in this lesson, we discussed the realities of the current environment we find ourselves in. In light of those threats, we also discussed why it is so important to harden our networks and systems. Thank you for taking the time to listen. I look forward to you joining me for the next lesson.