
10 Ways to Prepare for Cyber-Warfare
Winning the cyber-war is not a one-time event—it requires constant vigilance and a collective approach that encompasses prevention, detection and response.
Visibility
Fundamental to winning the cyber-war is the visibility that lets you see and understand your entire enterprise. More than half of today’s organizations report lacking the visibility to see where and when attacks hit.
Continuous and Centralized Recording
By continuously recording all endpoint activity across the enterprise, an organization can be confident that it has the visibility to see and scope attacks.
Prevent Attacks by Trusting No One
Instead of using antivirus, implement a “zero trust” prevention model. That way, organizations can allow only trusted software to run on their enterprises. If something unapproved attempts to run, alerts are immediately triggered to help defenders triage a possible attack.
Understand the Root Cause of Attacks
If you don’t know the original vector for infection, you’re simply treating the symptoms of an attack and not the underlying cause. By confidently knowing the root cause of an attack, organizations can close vulnerabilities to future infections.
Move Beyond IOCs
Traditionally, the industry has focused on Indicators of Compromise (IOCs)—addresses, domain names, URLs, file hashes, and similar metadata around tools or actions that occurred during an attack. This threat intelligence is fragile and very easy for an adversary to change. Eventually, it becomes impossible to keep up.
Evolve to Patterns of Attack
Patterns of attack (POAs) are more effective than IOCs because they identify the entirety of an adversary’s method. Attackers organize tactics, techniques and procedures to subvert known blind spots in information security solutions and exploit common vulnerabilities in software. POAs help you understand attacks that try to exploit these methods.
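To make the contrast between IOC matching and pattern matching concrete, here is an added example (not from the original page) that runs both over the same recorded endpoint events. The event layout, process names, hashes, domains and the specific pattern (an office application spawning a script interpreter that makes a network connection) are all constructed assumptions.

```python
# Constructed sample data: hashes, domains and process trees are illustrative only.
IOC_HASHES = {"hash-A"}             # file hash shared after an earlier incident
IOC_DOMAINS = {"old-c2.example"}    # domain shared after the same incident
OFFICE_APPS = {"winword.exe", "excel.exe"}
INTERPRETERS = {"powershell.exe", "wscript.exe", "cscript.exe"}

# Recorded events: (host, pid, parent pid, image, sha256, domain contacted or None)
EVENTS = [
    # host-1: tooling matches the shared indicators
    ("host-1", 100, 1, "winword.exe", "hash-word", None),
    ("host-1", 101, 100, "powershell.exe", "hash-ps", "old-c2.example"),
    ("host-1", 102, 101, "update.exe", "hash-A", None),
    # host-2: same method, but the file and domain have been swapped out
    ("host-2", 200, 1, "excel.exe", "hash-excel", None),
    ("host-2", 201, 200, "wscript.exe", "hash-ws", "new-c2.example"),
    ("host-2", 202, 201, "svc.exe", "hash-B", None),
    # host-3: an administrator running a script from the desktop shell
    ("host-3", 300, 1, "explorer.exe", "hash-exp", None),
    ("host-3", 301, 300, "powershell.exe", "hash-ps", "intranet.example"),
]

def ioc_hits(events):
    """Hosts where any event matches a known hash or domain."""
    return {host for host, _, _, _, sha, dom in events
            if sha in IOC_HASHES or dom in IOC_DOMAINS}

def poa_hits(events):
    """Hosts where an office app spawned an interpreter that went to the network."""
    image_of = {(host, pid): image for host, pid, _, image, _, _ in events}
    hits = set()
    for host, _, ppid, image, _, dom in events:
        parent = image_of.get((host, ppid))
        if image in INTERPRETERS and dom and parent in OFFICE_APPS:
            hits.add(host)
    return hits

if __name__ == "__main__":
    print("IOC match:    ", sorted(ioc_hits(EVENTS)))
    print("Pattern match:", sorted(poa_hits(EVENTS)))
```

The indicator lookup only sees host-1, while the behavioral pattern flags both affected hosts and leaves the administrator's script on host-3 alone.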
Empower and Unite People
Humans are the lifeblood of any information security program, not systems and data. Unfortunately, most security programs suffer from a shortage of security talent. To win the cyber-war, people must feel empowered against adversaries. That begins with uniting the community via sharing.
Share, Share and Share Some More
Attackers share methods with one another, while the good guys fight in individual silos. Attackers use the same tactics repeatedly, so when a security team successfully defends against those attacks and shares lessons learned, the entire community becomes stronger.
Prioritize Customer Security Over Profits
Defenders should not be locked into a single security platform that does not allow for integration with best-of-breed security at every layer of the stack. They should find an easy way to integrate their data and systems for better security.
Continuously Improve Defenses
Winning the cyber-war is not a one-time event. It requires constant vigilance and a collective approach that encompasses prevention, detection, and response. When we unite as a community and continue to empower those charged with winning the cyber-war, we’ll see the scales shift back to the side of the good guys.