3 Pieces Of Advice To Help You Prepare For Cyber Attacks Of The Future
The following is an excerpt from an interview by Panther with David Vincent, Appsian’s Chief Security Evangelist and VP of Product Strategy. In the interview, David shares three pieces of advice to help organizations prepare for cyber attacks of the future. You can read the entire interview, The Future of Cyber Attacks — Insights From David Vincent, on Panther’s website.
1. Always Understand Your Current Risk Exposure & Vulnerabilities
The first step to prepare for cyber attacks is to assess your defensive capabilities to identify weaknesses that need to be resolved quickly.
This can be done by conducting a thorough risk assessment to identify and quantify all potential security risk exposures. With this information, an organization can evaluate the design and operating effectiveness of the controls intended to mitigate those risks and determine whether any vulnerabilities remain that cybercriminals could exploit.
Part of this risk assessment should determine your security control environment’s capability to detect, prevent, respond to, and recover from threat events. Furthermore, it is vital to monitor the residual risk level of a given risk event against the organization’s maximum risk appetite level to determine whether an adequate level of mitigating controls has been implemented.
Residual Risk = Inherent Risk – Control Effectiveness.
If the residual risk level is too close to, or exceeds, the maximum risk appetite level, then the organization must go back and improve its control effectiveness.
2. Perform Independent Risk Assessments
Have an independent audit performed every six months to evaluate the design and operating effectiveness of the security controls you have implemented to safeguard your systems and data. Part of this independent risk assessment should determine your security control environment’s capability to detect, prevent, respond to, and recover from threat events.
3. Implement A Continuous Improvement Process
First, organizations should implement these six leading practices based on lessons learned from recent ransomware and cyber attacks:
- Change their mindset and security posture from “if we are breached” to “when we are breached.”
- Implement the Zero-Trust security model to enforce the principle of never trust, always validate.
- Implement layered security, also known as defense in depth.
- Transition from static security found in the typical Role-Based Access Control (RBAC) security models to a dynamic security model like Attribute-Based Access Control (ABAC).
- Enforce Multi-Factor Authentication (MFA) at various layers – login, critical transaction level, and critical data field level.
- Implement dynamic security controls capabilities to improve the organization’s ability to identify, detect, prevent, respond, and recover from anomalies and threats.
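To make the RBAC-to-ABAC transition and the layered MFA points concrete, here is an added example in Python (it is not code from Appsian, Panther, or the interview). It evaluates the same request under a static role check and under an attribute-based policy that also looks at data-field sensitivity, network, device posture, time of day, and the age of the user's last MFA. All role names, actions, attribute names, thresholds, and business rules are constructed assumptions for illustration.

```python
"""Static RBAC check beside a dynamic ABAC policy with layered MFA.

Added example, not the interview's or Appsian's code. The roles, actions,
attribute names, thresholds and business rules are assumed for illustration.
"""
from dataclasses import dataclass
from enum import Enum


class Decision(Enum):
    ALLOW = "allow"
    DENY = "deny"
    STEP_UP_MFA = "step_up_mfa"  # proceed only after a fresh second factor


# --- Static RBAC: role -> permitted actions, with no notion of context -------
RBAC_PERMISSIONS = {
    "payroll_admin": {"read:employee.ssn", "update:employee.bank_account"},
    "hr_analyst": {"read:employee.name"},
}


def rbac_check(role: str, action: str) -> Decision:
    """Classic RBAC: the grant depends only on the role, never on the situation."""
    return Decision.ALLOW if action in RBAC_PERMISSIONS.get(role, set()) else Decision.DENY


# --- Dynamic ABAC: subject, resource, action and environment attributes ------
@dataclass
class Request:
    role: str
    action: str              # e.g. "update:employee.bank_account"
    field_sensitivity: str   # "public" | "confidential" | "critical" (assumed labels)
    network: str             # "corp" | "vpn" | "internet" (assumed labels)
    device_managed: bool     # endpoint enrolled in device management
    mfa_age_seconds: int     # seconds since the last successful MFA challenge
    hour_utc: int            # hour of the request, 0-23


CRITICAL_MFA_MAX_AGE = 300   # assumed: critical fields need a factor fresher than 5 min
BUSINESS_HOURS_UTC = range(7, 19)  # assumed window for writes to critical fields


def abac_check(req: Request) -> Decision:
    """Evaluate the request; the role is one attribute, never sufficient alone."""
    # Zero Trust: a role grant is the starting point, not the final answer.
    if rbac_check(req.role, req.action) is Decision.DENY:
        return Decision.DENY

    if req.field_sensitivity == "critical":
        # Critical data never leaves the managed, on-network perimeter.
        if req.network == "internet" or not req.device_managed:
            return Decision.DENY
        # Writes to critical fields outside business hours are denied.
        if req.action.startswith("update:") and req.hour_utc not in BUSINESS_HOURS_UTC:
            return Decision.DENY
        # MFA at the critical transaction / data-field level, not only at login.
        if req.mfa_age_seconds > CRITICAL_MFA_MAX_AGE:
            return Decision.STEP_UP_MFA
    elif req.field_sensitivity == "confidential":
        # Confidential reads from an unmanaged device on the internet require step-up.
        if req.network == "internet" and not req.device_managed:
            return Decision.STEP_UP_MFA

    return Decision.ALLOW


def compare(req: Request) -> tuple[Decision, Decision]:
    """Return (static RBAC decision, dynamic ABAC decision) for one request."""
    return rbac_check(req.role, req.action), abac_check(req)


if __name__ == "__main__":
    # Constructed scenario: a legitimate payroll admin's session replayed from an
    # unmanaged machine on the public internet at 02:00 UTC, two hours after MFA.
    stolen_session = Request("payroll_admin", "update:employee.bank_account",
                             "critical", "internet", False, 7200, 2)
    print(compare(stolen_session))  # RBAC allows the write; ABAC denies it
```

The point of the side-by-side is that the stolen session carries a valid role, so the static check passes; only the attribute-based policy sees the unmanaged device, the off-network source, and the stale second factor. The same policy also forces a fresh MFA challenge for a genuine admin whose login MFA is older than the assumed five-minute window, which is what enforcing MFA at the transaction and data-field layers, rather than only at login, means in practice.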
Next, organizations should consider implementing AI & machine learning capabilities to constantly (24/7/365) monitor their security risk indicators to detect and respond to anomalies and threats.