How to Prepare for Cyber-War

How to Prepare for Cyber-War

How to Prepare for Cyber-WarHow to Prepare for Cyber-War

Winning the cyber-war is not a one-time event—it requires constant vigilance and a collective approach that encompasses prevention, detection and response.


Fundamental to winning the cyber-war is the visibility that lets you see and understand your entire enterprise. More than half of today’s organizations report lacking the visibility to see where and when attacks hit.

Continuous and Centralized RecordingContinuous and Centralized Recording

By continuously recording all endpoint activity on an enterprise, an organization can be confident that it has the visibility to see and scope attacks.

Prevent Attacks by Trusting No OnePrevent Attacks by Trusting No One

Instead of using antivirus, implement a “zero trust” prevention model. That way, organizations can allow only trusted software to run on their enterprises. If something unapproved attempts to run, alerts are immediately triggered to help defenders triage a possible attack.

Understand the Root Cause of AttacksUnderstand the Root Cause of Attacks

If you don’t know the original vector for infection, you’re simply treating the symptoms of an attack and not the underlying cause. By confidently knowing the root cause of an attack, organizations can close vulnerabilities to future infections.

Move Beyond IOCsMove Beyond IOCs

Traditionally, the industry has focused on Indicators of Compromise (IOCs)—addresses, domain names, URLs, file hashes, and similar metadata around tools or actions that occurred during an attack. This threat intelligence is fragile and very easy for an adversary to change. Eventually, it becomes impossible to keep up.

Evolve to Patterns of AttackEvolve to Patterns of Attack

Patterns of attack (POAs) are more effective then IOCs because they identify the entirety of an adversary’s method. Attackers organize tactics, techniques and procedures to subvert known blind spots in information security solutions and exploit common vulnerabilities in software. POAs help you understand attacks that try to exploit these methods.

Empower and Unite PeopleEmpower and Unite People

Humans are the lifeblood of any information security program, not systems and data. Unfortunately, most security programs suffer from a shortage of security talent. To win the cyber-war, people must feel empowered against adversaries. That begins with uniting the community via sharing.

Share, Share and Share Some MoreShare, Share and Share Some More

Attackers share methods with one another, while the good guys fight in individual silos. Attackers use the same tactics repeatedly, so when a security team successfully defends against those attacks and shares lessons learned, the entire community become stronger.

Prioritize Customer Security Over ProfitsPrioritize Customer Security Over Profits

Defenders should not be locked into a single security platform that does not allow for integration with best-of-breed security at every layer of the stack. They should find an easy way to integrate their data and systems for better security.

Continuously Improve DefensesContinuously Improve Defenses

Winning the cyber-war is not a one-time event. It requires constant vigilance and a collective approach that encompasses prevention, detection, and response. When we unite as a community and continue to empower those charged with winning the cyber war, we’ll see the scales shift back to the side of the good guys

Karen A. Frenkel
Karen A. Frenkel
Karen A. Frenkel is a contributor to CIO Insight. She covers cybersecurity topics such as digital transformation, vulnerabilities, phishing, malware, and information governance.

Get the Free Newsletter!

Subscribe to Daily Tech Insider for top news, trends, and analysis.

Latest Articles