Home Science & Technology Offensive mood is crucial for effective cyber defense

Offensive mood is crucial for effective cyber defense

78
0


As ransomware attacks continue to increase and cybercriminals become more sophisticated, the federal government has introduced a more proactive approach when it comes to cybersecurity. As evidenced by her stated strategy to adopt Fr. architecture with zero confidence, the federal government is taking steps to reduce the risk of cyberattacks on its digital infrastructure and is setting specific security targets for agencies to quickly detect, isolate and respond to threats. An example of such an approach is also its extension Cybersecurity Initiative in Industrial Managementwhich aims to facilitate the deployment of technologies and systems that provide visibility to cyber threats, indicators, detection and warnings for water infrastructure.

Offensive mood is the key to providing the best cyber defense. To be successful, organizations need to consider three main components when developing a defensive strategy based on an offensive cyber model: review the set, think like a hacker, and promote offensive training related to defensive training.

Revision of the set

According to the ISACA report on the state of cybersecurity for 2022, 63% of respondents have vacant positions in the field of cybersecurity, which is eight percentage points more than in 2021. However, the gap in cyber skills is widening every year. This demand for talent requires organizations to take advantage of those seeking greater growth and career change, especially in the cyber industry. Ultimately, cybersecurity is a creative field with ever-evolving problems and solutions, so hiring people with a new perspective on problems and a desire to learn is much more valuable than a certain degree or experience.

This means that companies should consider creating programs that help hire people who may not meet conventional cyber standards, and help them develop the skills they seek from employees. There is also the opportunity to further train those candidates who are interviewed but simply do not understand what the role requires to succeed – again, helping to shape the skills they are looking for in such positions. It is also important to offer new opportunities for current employees by promoting skills that can be transferred from one department to another. Get cyber-employees interested in warning of these new opportunities, giving confidence that growth is still there. Such efforts involve an active approach to combating the existing threat.

Think like a hacker

Threat intelligence is a key component for the development of offensive thinking. This is why an active cybersecurity audit can be one of the best ways to stop cyber attacks before they can affect an organization. To make the right changes to cybersecurity strategies, an organization must fully understand existing network vulnerabilities.

This can be achieved through several different tactics, including penetration testing and vulnerability scanning. Penetration testing involves targeted network hacking to detect vulnerabilities in an organization’s system, while vulnerability scanning consists of an automated test that looks for potential security vulnerabilities. Both tactics allow organizations to better understand the hacker’s mind and understand “how” is behind a potential attack. What else to consider – under the right circumstances – is the ability to hire a former hacker. Understanding them can be extremely helpful, as the ability to identify weaknesses can be a useful asset. Many former hackers find the role of intrusion tester / member of the red team fulfilling their desire to uncover the flaws of the system, doing so legally, to increase security.

Facilitate offensive training in relation to defensive training

While we are witnessing changes at the national level to better protect our lifestyles through a push to zero confidence, better recognition of sharpening offensive opportunities in all sectors is also needed, ensuring that they are trained directly next to defensive approaches.

Those who perform cybersecurity for the private sector or critical infrastructure companies perform cyber defense, but there is a concept of active protection – more active detection and deterrence of threats before they have a chance to hack the system. This requires an understanding of how hackers think to know how to find threats before they find themselves inside, since the principle of zero trust “allow violation” recognizes that attackers will enter.

However, those seeking a legitimate, ethical career in cyber are usually taught to protect the web. But if no one knows how to break into different security levels, they don’t think like an attacker. Giving employees an offensive cyber learning given that they have permission to attempt an invasion, it can free up and help them develop the instincts and know-how they need to be the best possible cyber defenders. In the future, this should be a standard practice that promotes advancing training in unison with defensive training.

The experience of how to break into something with the help of offensive cyber tactics is something that evokes original thinking about ways to protect, which is as valuable as understanding the methods and motivations of attackers.

The threat environment is constantly evolving due to current events and the rise of more sophisticated cybercrime. Thus, offensive sentiment is crucial to fully protect organizations from attacks at the enterprise and nationally. For success, organizations must act now by changing the ways they recruit and train employees, understanding the motivations of hackers and ensuring the deployment of offensive strategies along with defensive ones.

Previous articleToyota Q4 operating profit fell 33%, according to Reuters
Next articlePhysicists have found a way to cause a strange glow to accelerate the rate of deformation