10 Ways to Prepare for Cyber-Warfare

 
 
By Karen A. Frenkel  |  Posted 06-02-2016

    Winning the cyber-war is not a one-time event—it requires constant vigilance and a collective approach that encompasses prevention, detection and response.

    Visibility

    Fundamental to winning the cyber-war is the visibility that lets you see and understand your entire enterprise. More than half of today's organizations report lacking the visibility to see where and when attacks hit.

    Continuous and Centralized Recording

    By continuously recording all endpoint activity on an enterprise, an organization can be confident that it has the visibility to see and scope attacks.

    Prevent Attacks by Trusting No One

    Instead of using antivirus, implement a "zero trust" prevention model. That way, organizations can allow only trusted software to run on their enterprises. If something unapproved attempts to run, alerts are immediately triggered to help defenders triage a possible attack.

    Understand the Root Cause of Attacks

    If you don't know the original vector for infection, you're simply treating the symptoms of an attack and not the underlying cause. By confidently knowing the root cause of an attack, organizations can close vulnerabilities to future infections.

    Move Beyond IOCs

    Traditionally, the industry has focused on Indicators of Compromise (IOCs)—addresses, domain names, URLs, file hashes, and similar metadata around tools or actions that occurred during an attack. This threat intelligence is fragile and very easy for an adversary to change. Eventually, it becomes impossible to keep up.

    Evolve to Patterns of Attack

    Patterns of attack (POAs) are more effective than IOCs because they identify the entirety of an adversary's method. Attackers organize tactics, techniques and procedures to subvert known blind spots in information security solutions and exploit common vulnerabilities in software. POAs help you understand attacks that try to exploit these methods.

    Empower and Unite People

    Humans are the lifeblood of any information security program, not systems and data. Unfortunately, most security programs suffer from a shortage of security talent. To win the cyber-war, people must feel empowered against adversaries. That begins with uniting the community via sharing.

    Share, Share and Share Some More

    Attackers share methods with one another, while the good guys fight in individual silos. Attackers use the same tactics repeatedly, so when a security team successfully defends against those attacks and shares lessons learned, the entire community becomes stronger.

    Prioritize Customer Security Over Profits

    Defenders should not be locked into a single security platform that does not allow for integration with best-of-breed security at every layer of the stack. They should find an easy way to integrate their data and systems for better security.

    Continuously Improve Defenses

    Winning the cyber-war is not a one-time event. It requires constant vigilance and a collective approach that encompasses prevention, detection, and response. When we unite as a community and continue to empower those charged with winning the cyber-war, we'll see the scales shift back to the side of the good guys.
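
The contrast drawn in the "Move Beyond IOCs" and "Evolve to Patterns of Attack" slides, as an added example that is not from the original article or from Carbon Black: over constructed endpoint process records, a file-hash IOC stops matching once the dropped file changes by one byte, while a rule on the process lineage still fires. The record fields, image names, the address and the lineage rule itself (office application, then script host, then a child with an outbound connection) are assumptions chosen for illustration.

```python
import hashlib

OFFICE_APPS = {"winword.exe", "excel.exe"}            # assumed image names
SCRIPT_HOSTS = {"powershell.exe", "wscript.exe"}      # assumed image names

def sha256(data):
    return hashlib.sha256(data).hexdigest()

def proc(pid, ppid, image, content, remote=None):
    """One constructed process-start record, as a continuous endpoint recorder might keep it."""
    return {"pid": pid, "ppid": ppid, "image": image,
            "sha256": sha256(content), "remote": remote}

def recorded_run(tool_bytes):
    """Constructed lineage: shell -> document editor -> script host -> dropped tool."""
    return [
        proc(100, 1, "explorer.exe", b"shell"),
        proc(200, 100, "winword.exe", b"editor"),
        proc(300, 200, "powershell.exe", b"script host"),
        proc(400, 300, "update.exe", tool_bytes, remote="203.0.113.7:443"),
    ]

def ioc_hits(events, bad_hashes):
    """IOC matching: flag processes whose file hash is on a known-bad list."""
    return [e["pid"] for e in events if e["sha256"] in bad_hashes]

def pattern_hits(events):
    """Pattern matching: flag a networked process whose parent is a script host
    that was itself started by an office application, whatever the file hash."""
    by_pid = {e["pid"]: e for e in events}
    hits = []
    for e in events:
        parent = by_pid.get(e["ppid"])
        grandparent = by_pid.get(parent["ppid"]) if parent else None
        if (e["remote"] and parent and grandparent
                and parent["image"] in SCRIPT_HOSTS
                and grandparent["image"] in OFFICE_APPS):
            hits.append(e["pid"])
    return hits

if __name__ == "__main__":
    known_bad = {sha256(b"tool build 1")}             # hash shared after a first incident
    for build in (b"tool build 1", b"tool build 1 "): # second build differs by one byte
        run = recorded_run(build)
        print(build, "ioc:", ioc_hits(run, known_bad), "pattern:", pattern_hits(run))
```

The lineage rule only works because every process start was recorded with its parent, which is what the continuous-recording slide asks for.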
 

If you cannot see an attack, how are you expected to stop it? If you were a detective in the physical world, would you rather investigate a burglary using random photographs of what might have occurred, or by using surveillance video of the actual event? "You've heard the phrase 'antivirus is dead,' right? That's because antivirus often relies on outdated signatures to stop attacks. AV is good for stopping nuisance malware, but is powerless against advanced threats," said Mike Viscuso, Chief Technology Officer and co-founder of Carbon Black. His firm specializes in endpoint security to disrupt advanced attacks. Here, he discusses outmoded methods of defense and self-serving approaches that no longer work, such as the tendency of vendors to work together when it's advantageous for their bottom line. He also answers the questions posed above and offers advice on how to vanquish intruders, and he calls for information sharing and creating a sense of community among those defending themselves from attackers.

 
 
 
 
 
Karen A. Frenkel writes about technology and innovation and lives in New York City.

 
 
 
 
 
 
