Proactive Intelligence: A Paradigm Shift In Cyber Defense

Traditionally, cybersecurity has been a reactive game: We respond to cyber threats as they arise, analyze the incidents, add pertinent information to “deny lists”, and update stakeholders on “what happened.”

But in today’s threat landscape, hackers move too quickly, tactics become too sophisticated, and attack vectors are too numerous for security teams to keep up. It’s one of the biggest industry-wide challenges I see right now: taking a proactive approach instead of merely reacting to security incidents. Rather than looking backwards, organizations need to focus on operational and business resiliency to address all forms of digital risk and cyber threats, which requires a new focus on proactive intelligence and approaches.

It may sound difficult, but change always sounds hard at first. The truth is that we can make a paradigm shift in the way we think about detection, protection, and proactiveness with respect to intelligence and resilience.

I firmly believe that the future of cybersecurity is a proactive approach to cybersecurity. Here are the benefits of pivoting.

Early Threat Detection

Understanding attacker infrastructure is the key to threat intelligence that is truly proactive, not just reactive.

As we’ve seen from several high-profile hacks of recent years, bad actors often break into a network and lie low for months, even years, as they silently steal data and cause damage fully undetected. To do so, they need to communicate constantly with their external infrastructure, known as command-and-control or C2, for instructions, data exfiltration, and continuation of the attack.

Even though they may try to hide or obfuscate their communication, it’s not untraceable. Hackers inevitably leave evidence of their activities, which can be used to detect breaches in real time and allow organizations to proactively address resiliency.

At BlackHat in Las Vegas last year, I kept hearing the buzz phrase “digital exhaust” — the traces l

[…]

This article has been indexed from Security Boulevard