increasing the chances of data recovery
from a cyberevent.

Next is the collection and analysis of
threat research. Every security strategy and
tool must be informed by current threat
intelligence in order to effectively detect
and respond to threats. For example, threat
research might reveal that cybercriminals
have been carrying out attacks through a
specific vulnerability or targeting endpoints
with a specific malware.
Armed with this information, IT teams
can then take proactive measures by
making any necessary system updates and
increasing monitoring to detect behaviour
indicative of one of these attacks. It is
also important that IT teams consult both
local and global threat data for the most
comprehensive understanding of the
threat landscape.

Another important process on the road to
effective cybersecurity is the prioritisation of
assets. While IT teams remain strained due
to the cybersecurity skills gap, networks have
become increasingly sophisticated, making it
impossible to manually monitor each area of
the network at all times.

Therefore, IT teams must know where all
their assets are and prioritise these assets
based on which are most business critical
and would have the greatest impact on the
business if breached.
From there, security teams can develop
policies and deploy strategies to keep
this data more secure and minimise
consequences. This might mean using
network segmentation to add an extra
level of security or creating access control
policies based on who needs access to
these specific sets of data.

Technology

As discussed previously, there are a host
of technologies that security teams can
implement in order to layer their defences.
That being said, it’s important that IT teams
do not implement isolated point solutions
as they layer their defences, but rather,
select those tools based on their ability to
be integrated and automated to create a
Security Fabric that can facilitate the rapid
detection and mitigation of threats.

Another tactic IT teams should leverage is
Deception Technology. Network complexity
is an Achilles heel for adversaries. Deception
technologies level the playing field by
automating the creation of dynamic
decoys that are dispersed throughout the
IT environment, making it harder for the
adversary to determine which assets are fake
and which are real.
When an adversary can’t make this
distinction, cybercriminals are forced to waste
time on fake assets and exercise caution as
they look for tripwires embedded in these fake
environments. This may require them to alter
their tactics, thereby increasing their chances
of being detected by security teams.
Finally, IT teams should leverage
segmentation. Adversaries target networks
to gain access to and exploit organisations’
business-critical data, whether that is their
customer and personnel information,
intellectual property, financial records, etc.
Segmenting corporate networks enables
IT teams to separate their applications
and sensitive data into different segments
of sub-networks with varying degrees of
security. This allows for greater access
control on critical systems, thereby limiting
exposure if there is a breach.
FINAL THOUGHTS
Modern network security requires a layered
defence approach that factors in people,
processes and technology. Together, such
tactics – including creating a strong culture
of security, conducting threat research,
prioritising assets and deploying modern
network controls – will enhance visibility and
shorten threat response times,
minimising the impact of cyberattacks.
INTELLIGENTCIO