That old “best offense is a good defense” adage is as true with IT as it is with the NFL.
15 January 2021
Opinions expressed by Entrepreneur contributors are their own.
At a time when remote work and its increased security risks have become the norm, the ongoing difficulty in securing corporate networks suggests that the status quo is not working. IT security teams are therefore moving from a passive to an active approach. MITRE Corporation (a nonprofit that manages federally funded research and development centers) recently introduced its Shield framework, which explicitly states that active defense is important in overcoming today’s threats. Business leaders who know the latest strategies and recommendations place their companies in a strong position to stay safe.
Concept of active defense
Shield is an active defense knowledge base, developed over more than a decade of adversary engagement. With it, MITRE is trying to gather and organize what it has been learning about active defense and adversary engagement. The information spans high-level, CISO-ready ideas and objectives as well as more focused conversations about the strategy, technology, and processes that can be used. The purpose of this latest framework is to encourage discussion about active defense, how it can be used, and what security teams need to know.
Defining active defense
Active defense covers a set of activities, including adversary engagement, basic cyber defensive capabilities, and cyber deception. This involves the use of action against the adversary and counterattack to prevent that adversary from taking digital territory or property. Taken together, these activities enable IT teams to prevent current attacks as well as gain more information about the perpetrator. They can then prepare more fully for future attacks.
As MITRE notes, the modern security stack must include deception capabilities to truly counter and manage adversaries. In Shield’s new strategy and technology mapping, deception appears across 33 active defense techniques, as well as eight active defense strategies: channel, collect, incorporate, detect, disrupt, facilitate, validate, and test.
Truth of deception
Threat actors of every kind are targeting enterprise networks, from nation-state attackers to more run-of-the-mill criminals, looking to cause chaos, take proprietary information, and obtain some PII they can exploit. Analysts estimate that, depending on the targets, significant breaches of enterprise networks have increased from three to six.
As leaders consider their security strategy, they need to understand not only what active defense means, but also what deception really is. A prevailing fallacy is that deception is synonymous with honeypots, which have been around for a long time and are no longer effective. Honeypots also require a great deal of management to make them as realistic as possible, so that attackers who engage with one cannot tell that it is not a real system and realize that they are in the middle of being caught.
The time has therefore come to clarify that notion. In truth, deception techniques and honeypots are not synonymous. Honeypots are how deception began, but it has evolved a lot since then. Today’s deception takes a breadcrumb / deceptive artifact approach that leads attackers down a false path, which triggers alerts so that defenders can find and intercept attackers in real time. Only unauthorized users know that the deceptions exist, because they have no effect on everyday systems, so false positives are dramatically reduced. These aspects of deception techniques add financial value to an IT security organization.
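The breadcrumb-and-alert mechanism described above, as an added Python example that is not part of the original article: it flags any login attempt that uses a planted decoy account, while ordinary successes and failures by real users raise nothing. The account names, addresses and sshd-style log lines are constructed for the illustration.

```python
import re
from collections import defaultdict

# Constructed decoy accounts: planted as breadcrumbs (for example in a saved
# connection file on a workstation) and never issued to a real user.
DECOY_ACCOUNTS = {"svc_backup_adm", "sql_report_ro"}

# Constructed sshd-style auth log lines for the demonstration.
SAMPLE_LOG = """\
Jan 15 09:01:12 app01 sshd[811]: Accepted password for alice from 10.0.4.17 port 50312 ssh2
Jan 15 09:03:40 app01 sshd[822]: Failed password for bob from 10.0.4.22 port 50401 ssh2
Jan 15 09:07:05 db02 sshd[377]: Failed password for svc_backup_adm from 10.0.4.31 port 41022 ssh2
Jan 15 09:07:19 db02 sshd[377]: Failed password for invalid user sql_report_ro from 10.0.4.31 port 41030 ssh2
Jan 15 09:12:44 app01 sshd[840]: Accepted password for bob from 10.0.4.22 port 50477 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s(?P<host>\S+)\ssshd\[\d+\]:\s"
    r"(?P<result>Accepted|Failed)\spassword\sfor\s(?:invalid user\s)?"
    r"(?P<user>\S+)\sfrom\s(?P<src>\S+)\s"
)

def find_decoy_use(log_text, decoys=DECOY_ACCOUNTS):
    """Return one alert per log line that references a decoy account.

    No threshold or baseline is needed: legitimate users have no reason to
    know the decoy names, so a single hit is already worth an alert.
    """
    alerts = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m and m.group("user") in decoys:
            alerts.append(m.groupdict())
    return alerts

def sources_to_investigate(alerts):
    """Group alerts by the source address the attempts came from."""
    by_src = defaultdict(list)
    for a in alerts:
        by_src[a["src"]].append((a["ts"], a["host"], a["user"]))
    return dict(by_src)

if __name__ == "__main__":
    for src, hits in sources_to_investigate(find_decoy_use(SAMPLE_LOG)).items():
        print(src, hits)
```

Bob's failed login at 09:03 produces no alert, which is the low-false-positive property the paragraph describes.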
In addition, some organizations incorrectly believe that deception is too complex and achieves comparatively very low ROI. Security organizations can enjoy the benefit of using deception techniques, which are lighter and have a lower cost of maintenance, but some hesitate because they think it is a heavy, complex approach that will not give them enough value. However, using technology aids such as automation and AI, deception eliminates the complexity it was previously known for.
Organizations think of deception from a technology standpoint, but this is incorrect; it should be thought of in terms of use cases. For example, detection is a fundamental element of any security program. Everyone needs better detection capabilities, which are part and parcel of today’s deception tools.
A strong defense
As the tactics and tools of cybercriminals keep changing, so should those of defenders. An expanded threat landscape and new attack types make this job more difficult than ever. This year many organizations around the world underwent rapid digital transformation, which created security gaps for bad actors to exploit. The events of 2020 highlight the need for a better approach to protecting significant assets. Active defense is part of that approach, as outlined in the MITRE Shield framework. Deception techniques are an agile solution to incorporate into an organization’s security strategy.