The key to a cyber battlefield, like a traditional military battlefield, is to realize that there will indeed be many battles.
By Shmulik Ezekiel (Colonel, Res.), Chief Critical Cyber Operations Officer, CYE
As a cybersecurity professional and a reserve field officer in the Israeli military, I have gained many valuable insights from the pages of The Art of War, written by the fifth-century Chinese military general Sun Tzu. One particular but often overlooked passage, under the heading “Attack by Strategy,” is especially relevant as we face an ever-growing list of cyber threats and vulnerabilities. More than ever, we need to prioritize what we must protect to keep businesses and organizations afloat and which targets attackers may go after. This powerful passage, which has guided fighters for centuries, offers important insight into how to do that, and why it is so important:
“If you know the enemy and know yourself, you don’t have to fear the consequences of a hundred battles. If you know yourself but do not know the enemy, you will suffer defeat for every victory. If you don’t know the enemy or yourself, you will lose every battle.”
Let’s fast-forward 3,000 years and break it down in terms of cybersecurity, where we actually face hundreds of battles every day.
“Know your enemy”
In our line of work, it is crucial to define and identify potential threats. For example, I have worked in organizations that did not take the time to understand the impending threat and instead spent their time building a comprehensive defense system aimed only at general and vague ongoing threats. Conversely, I have worked with some of the most sensitive security teams, which focused so much on one particular threat that they did not devote enough resources to building a comprehensive defense system. Neither took these three simple words into account.
The key to an effective defense strategy is to determine who the threat actors are and what they are threatening. In cyber terms, this means tracking the TTPs of threat actors, that is, their tactics, techniques and procedures, to learn more about them. But that’s not all: companies must act on the intelligence they have, including using it to help them hire the appropriate cybersecurity professionals. For example, if companies determine that they are facing threats from state-backed actors, they need to make sure their team includes cybersecurity professionals with experience in military or government IT or cyber departments.
When you understand the mentality of your enemy, you are one step ahead in many ways.
“Know yourself”
Immediately after telling us to know the enemy, Sun Tzu tells us to know ourselves.
In our experience in the industry, we have seen that companies are often completely unaware of their assets or of which ones need protection. For example, as thousands of organizations, from Apple to Belgium’s Ministry of Defense, continue to address the ongoing global Log4J vulnerability, millions more are probably not aware that they use this open-source library, and are thus exposed to what the top cybersecurity official of the US government called the most serious vulnerability ever. In general, in more than 75% of cases where we have conducted attacks over the years, the victim organization did not even know the layout of its networks. In fact, the attackers knew and understood the networks and resources better than these organizations did.
Companies also need to quantify their risk, to understand what an attack on each of their digital assets would ultimately mean for the business. Depending on what is hit, a cyber attack can have a profound effect on an organization or business, ranging from shutting down its website, to taking proprietary information such as customer details or intellectual property to sell on the Dark Web, to disabling essential services such as gas pipelines.
“If you know yourself but do not know the enemy, you will suffer defeat for every victory.”
Cybersecurity today is a combination of knowing oneself and knowing the enemy. Even if a company thoroughly examines its security and prioritizes all of its assets in terms of overall business risk from cyber attacks, if it still does not fully understand its potential enemies or attackers and respond accordingly, it will not only still be defeated many times, but will also be unprepared if an attack occurs.
Understanding the enemy and what they want helps companies create appropriate and effective contingency plans for attacks. For example, if organizations know that attackers are likely to seek ransom, they may seek legal advice and understand the implications of payment, which often does not lead to the recovery of all data. Or, if they know that attacks could come through software supply chains, they can plan accordingly, including giving their entire workforce additional training on cyber hygiene. Today, the response to a cyber attack not only deals with data recovery, but also has far-reaching legal, financial and even physical consequences, such as disrupted utility services or frozen assembly lines.
“If you don’t know the enemy or yourself, you will lose every battle.”
The meaning of this last sentence is clear after the above discussion. But it also serves as a warning, as many companies remain unprepared. Protection based on blindly investing in more technology and equipment, or on complying with regulations, is not enough.
The key to a cyber battlefield, like a traditional military battlefield, is to understand that, as Sun Tzu writes, there will indeed be many battles. Businesses must be prepared for those battles by understanding and constantly measuring their cyber risks and constantly monitoring who can attack them and how.
Cyber incidents are widespread; businesses must be proactive, acting as a hunter, not as prey waiting for something to bite. They must run “find evil” operations, have constant intelligence activity to detect threats, and practice their cyber response plan, because there will be many battles.
About the author
Colonel (Res.) Shmulik Ezekiel, CYE’s Chief Critical Operations Officer, has more than 26 years of experience in the special forces of the Israel Defense Forces (IDF). Shmulik is a software engineer and a cybersecurity professional with extensive strategic and hands-on experience. Shmulik brings many years of valuable knowledge in leading operations, data protection, and emergency and risk management in the IDF, the Ministry of Defense and the Office of the Prime Minister of Israel. As CYE’s Chief Critical Operations Officer, Shmulik led digital forensics and incident response (DFIR), threat hunting, and cyber threat intelligence (CTI) activities. His team includes national-level security experts and senior intelligence officials. The team is tasked with delivering CYE’s ability to predict cyber threats and with providing businesses with the support and skills they need to respond to cyber incidents.
Email: [email protected] Website: www.cyesec.com