Despite the cliché “an attacker doesn’t care about your compliance” it is sadly still how aspects of security are addressed in the enterprise. While it is a necessity, compliance is not security and that is oft forgotten.
So what is the alternative? It is something we focus on quite a bit here at HolistiCyber – Defending like an Attacker.
Understanding who your cyber attackers are and why they would be motivated to attack you is a critical part of any defense plan. If you’re defending based on “best practices” or what the vendors are telling you to watch out for, you could potentially be missing a major threat vector that your attackers are very comfortable exploiting. This is why any and everyone can be a target for a nation-state attack.
There are several reasons to be of interest to a nation-state, such as but not limited to:
- IP, Financial, and Economic Data
- High Net Worth Investments
- Cross-Border M&A
- Geopolitical Interests/Targets
These are just some of the reasons – not to mention the pandemic we are all facing as well.
In the article he discusses 4 main approaches to consider when creating your offensively defensive plan:
- Deep-Level Technical Expertise and Creativity
- Big Picture and Holistic Thinking
You can find the original article here to read more: “Defend like an attacker: 4 required approaches.” You can also get in contact with us via our Contact Us page to discuss how we can help bring your cybersecurity program to the cyber defense level.