[Swiftwater Gazette] Proactive Cybersecurity Strategy
kroposki at att.net
Sun Dec 25 06:56:32 EST 2016
DefeatingAdversaries Requires a Proactive Cybersecurity Strategy
“Whileblunt in delivery, the message implied in Vince Lombardi’s famoussaying is simple: to win any game or challenge, preparation isnecessary. As a former NFL coach and executive, Lombardi understoodthe need to prepare game-winning strategies. Security professionals must also prepare to stop the next breach and prevent the theft ofvaluable, sensitive data and digital assets.
“Withoutthe proper security plan in place, no organization can successfullyidentify and keep intruders out of their networks and away fromvaluable digital assets. A tabletop exercise is an effective andefficient means to test your organization’s resources, tools, andsecurity plan, specifically as they relate to incident response.
Seeingthe Forest For the Trees: How Proactive Threat Hunting Stops theMega-Breach.
“Ifwe try to rely purely on technology, or purely rely on code to judgethe intent of another piece code — this is obviously an extremelydifficult problem. So a lot of us recognize there’s a need forhumans to get involved,” he says. “Now, whenever we try toinvolve humans, I think it’s our natural tendency to put thosehumans directly in the detection resolution loop. As a result,security analysts are placed on the receiving end of a high volume ofalerts streaming in from a variety of detection solutions, IDSes, andhost-based security systems. This frequently creates an untenablesituation and sets organizations up for failure,” Merritt says.
“We’reso afraid of the ‘false negative’ that we require humans toresolve every single tactical alert coming out of their detectionapparatus.” The inevitable result is alert fatigue and a higherpotential for failing to recognize the most important threats facingour organizations. “We start treating people like very tacticalcogs in a wheel. In the end, we often don’t see the forest for thetrees.”
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the SwiftwaterGazette