Cyber security experts around the world understand now that they can’t stop the next attack.
The main questions that still exist are: when, how, what will happen, would I know about the attack, and how much time will it take me to stop the attack?
Good Information Security Standards has always been to use layers, with one technology protecting the other. Unfortunately, in the end, after all security control has been implemented, what will happen? Will my organization be secure? Once the attack has been detected, what action will need to be performed?
In other words, a lot of questions are left unanswered. But what we can say with certainty is that the attackers are here. They may come from multiple backgrounds with different agendas, but they are most certainty coming.
My goal as a cyber security professional is to stop them. In order to succeed, I need to perform the right action every time, all the time. I need someone to be able to be as fast and as methodical as my attacker is.
The world has changed. Cyber-crime is a full-time business, and as with every business, time is money. With that, approved security experts need to develop the next phase of security.
Cyber security plans need to be strategized around delaying the attacker, solving problems faster and costing the attacker money and time. After all, if it’s not worth it, why do it?
So now, every file is checked with every technology available. Every entry is checked and every communication is examined. But then comes the biggest problem. Who can take the necessary action to verify and block all the attacks that are coming from multiple sources?
As cyber security professionals, we’re trying to think about what to look for in the biggest collection of information that’s ever been monitored. We’re trying to find the resources to understand what an attack is and then block it.
The problem is, we’re all looking at the problem in the wrong way.
Our attackers communicate. They use scripting and other systems to do a lot of the “heavy lifting”. If we want to be able to stop/delay them, we cannot place a person in charge of pressing the buttons. We need to be able to fight fire with fire, and even better – use guns against knives.
Instead of implementing a cyber security system that was design for everyone, let’s face it; our company is not like any other company. We strive to change things, using our own knowledge, experience and expertise to our advantage. We customize our security to best fit the protection we need, choosing the best security architecture for each organization.
At Ayehu, we use automation for cyber security along with customized security design that will make would-be attackers give up before they even reach their goals. So, instead of alerts reaching a level 1 engineer, passing though multiple systems and then communicating with level 2 for accessing more systems to mitigate the attack, we build the procedure and leave level 1 with the knowledge of level 2 and strict access to stop the attacker within level 2 devices.
By doing what we do best faster, and by adapting our security to the relevant risks (even if it’s by just a few seconds), we could CHANGE the outcome for the positive.