The majority of hackers surveyed in the 2018 \u201cBlack Report\u201dclaimed they could breach a perimeter and exfiltrate data in less than a day. The results were similar across industries, from telecommunications companies to law firms, federal government, critical infrastructure, and aviation.\nCyber defense can seem like a constant game of whack-a-mole, with security teams trying to keep pace with increasingly sophisticated hackers and other cyber criminals. And everyone is at risk, says Jeff Moss, founder of the Black Hat and Def Con security conferences and a security advisor to the secretary of Homeland Security.\n\u201cThey\u2019re all at risk, they\u2019re being attacked continually, and they\u2019re all vulnerable,\u201d Moss explains. \u201cI don\u2019t think the news is that Fortune 500 companies are vulnerable. The news is, what are they doing about it and how do they control their risks? \u201cNo company can be 100 percent secure.\u201d\nCreative Criminals\nWhile many malicious hackers will go for low-hanging fruit with simple phishing techniques, others are much more creative.\nLast year a casino was victim to a breach from a seemingly innocuous source: a connected fish tank. Its sensors were connected to a PC that regulated the tank\u2019s temperature and cleanliness, and after breaching the tank sensors, the attacker moved around the network and stole 10 gigabytes of data.\nSeparately, British consumer rights group Which? cautioned it was disturbingly easy to hack into connected toys like Furbies\u2013 echoing a warning from the FBI.\nWhile there might not be any Furbies in your enterprise, the warnings illustrate the inventive methods hackers can use.\nJennifer Arcuri, co-founder of white-hat consultancy Hacker House, says some of the first actions her firm takes when exploring vulnerabilities for a client are to figure out who might be targeting a business and who the adversaries are.\n\u201cThen we look at what vulnerabilities are there,\u201d she says. \u201cBy design, all computers are broken.\u201d\nMoss agrees. \u201cThe internet is full of robots, and they\u2019re checking everybody,\u201d he says. \u201cYou need to be prepared to just assume that you\u2019re always under attack, not because you\u2019ve been singled out, just because you\u2019re participating.\u201d\nThe Hacker\u2019s Perspective\nWhen security teams adopt a hacker mindset, they can develop a more holistic defense strategy that combines people, process, and technology.\n\u201cHackers are very persistent and data driven,\u201d says Arcuri. \u201cAlways anticipating how that might be applied to your organization is a good way to think about it from their point of view.\u201d\nThere\u2019s a lot that industry and law enforcement can learn from the hacker community, says Arcuri. \u201cThe information sharing and transparency, understanding how things work, so much of that can be harnessed into better solutions,\u201d says Arcuri. \u00a0\nTo learn more about the hacker mindset and how to protect your business, watch the webcast episode, Hackers tell all: Why your organization is a target.