For a long time the cyber security industries solution to an adversary carrying out their actions on objectives is to call in incident response. I think the belief that when an adversary is carrying out their actions on objectives it's too late is misguided. Actually, it's often the place where you can defend most effectively. There are three reasons that I see for this dynamic: 1) Defence is usually seen as mitigating an adversaries actions rather than controlling an adversaries actions, so by default defenders are putting themselves on the back foot. 2) Often defensive focus is put on defending assets, systems or privileges rather than preventing undesirable outcomes. 2) Defence is often too tooling centric. If you want to do anything more than prevent generic threats then that tooling needs telling what to do, it needs to be given context specific to what outcomes you wish to prevent. Give it context and it can be extremely powerful. I wrapped some of this thinking up in a recent post on the Lab539 website. My thinking generally is that, far too frequently, the cyber security industry is not looking past the positioning phase of an attack: https://lnkd.in/en-VZ3r5 #CyberDefence #TCDO #CyberDefense #Lab539 #CyberDefendersKillChain
John Fitzpatrick’s Post
More Relevant Posts
-
Despite the misconception that only large organizations are vulnerable to #ActiveAdversary attacks, 24% of IT leaders at organizations with 100-250 employees experienced active adversary attacks within the past year. And as cybercriminals speed-up dwell times, defenders have even less time to stop them. To avoid falling victim, defenders can increase friction for attackers through robust, layered protection, 24/7 vigilance, and a comprehensive response plan. Discover additional recommendations based on analysis of more than 200 major cyber incidents. Get the whitepaper: https://gag.gl/sotvwD
Cybersecurity as a Service Delivered | Sophos
sophos.com
-
Strategic transformation, integration, diligence, and M&A advisory for PE deal teams, operating partners, and acquisitive corporates.
Cyber threats are a gamble you can't afford to take with your deals. RSM's IT and cyber due diligence services minimize disruptions and maximize success. Protect your investments from costly consequences.
The linchpins for successful M&A transactions: IT and cyber due diligence
-
Cyber threats are a gamble you can't afford to take with your deals. RSM's IT and cyber due diligence services minimize disruptions and maximize success. Protect your investments from costly consequences:
The linchpins for successful M&A transactions: IT and cyber due diligence
-
Sr. Director, Human Resources Leader - Professional Services+ at RSM US LLP and RSM Autism Awareness & Acceptance Leader for US and Canada
Cyber threats are a gamble you can't afford to take with your deals. RSM's IT and cyber due diligence services minimize disruptions and maximize success. Protect your investments from costly consequences:
The linchpins for successful M&A transactions: IT and cyber due diligence
-
Cyber threats are a gamble you can't afford to take with your deals. RSM's IT and cyber due diligence services minimize disruptions and maximize success. Protect your investments from costly consequences:
The linchpins for successful M&A transactions: IT and cyber due diligence
-
Cyber threats are a gamble you can't afford to take with your deals. RSM's IT and cyber due diligence services minimize disruptions and maximize success. Protect your investments from costly consequences:
The linchpins for successful M&A transactions: IT and cyber due diligence
-
Marketing executive who provides strategic direction and focused plans that deliver results
Cyber threats are a gamble you can't afford to take with your deals. RSM's IT and cyber due diligence services minimize disruptions and maximize success. Protect your investments from costly consequences:
The linchpins for successful M&A transactions: IT and cyber due diligence
-
In the rapidly changing realm of cyber threats, new regulatory measures have revolutionized the cybersecurity landscape for publicly traded companies. With the CISO assuming a more critical position and boards of directors being given greater responsibilities, we are stepping into an era that calls for increased cyber watchfulness and responsibility. As regulatory bodies place more emphasis on holding CISOs personally accountable and potentially take enforcement actions, CISOs and boards must reassess their cyber strategy going forward.
Redefining the Cybersecurity Paradigm: CISOs and Boards in the Wake of Regulatory Shakeups | JD Supra
-
Principal - M&A Integration and Separation Leader at RSM US LLP - Complex Delivery and Post Close Optimization - Healthcare Industry & Private Equity Strategy and Management Consultant
Cyber threats are a gamble you can't afford to take with your deals. RSM's IT and cyber due diligence services minimize disruptions and maximize success. Protect your investments from costly consequences:
The linchpins for successful M&A transactions: IT and cyber due diligence
-
Cyber threats are a gamble you can't afford to take with your deals. RSM's IT and cyber due diligence services minimize disruptions and maximize success. Protect your investments from costly consequences:
The linchpins for successful M&A transactions: IT and cyber due diligence
Passionate about startups 😃😃😃
9moSo true! It's important to shift our focus from just mitigating to actually controlling the adversary's actions. 💪🛡️ #CyberSecurity