{"id":4401,"date":"2021-05-25T10:14:14","date_gmt":"2021-05-25T09:14:14","guid":{"rendered":"https:\/\/www.adarma.com\/?p=4401"},"modified":"2023-08-17T09:25:08","modified_gmt":"2023-08-17T09:25:08","slug":"prioritising-the-dynamic-re-organisation-of-defence","status":"publish","type":"post","link":"https:\/\/adarma.wpengine.com\/prioritising-the-dynamic-re-organisation-of-defence\/","title":{"rendered":"Prioritising the Dynamic Re-organisation of Defence"},"content":{"rendered":"
It\u2019s become something of a clich\u00e9 for cybersecurity vendors and service providers to write ominously about the looming imminence of successful cyber-attacks against organisations \u2013 it\u2019s now a matter of not if, but when the phrase \u201cit\u2019s not if, but when\u201d will turn up in any given bit of marketing material!<\/strong><\/p>\n Unfortunately, this is one of those clich\u00e9s that, if no silver bullet, is worth its weight in gold. \u201cComedy\u201d aside, it\u2019s both a) true and b) worth paying attention to. Even in the last couple of weeks (at time of writing), we\u2019ve seen major ransomware attacks making global headlines \u2013 the Colonial Pipeline attack in Virginia, USA (rumoured to have cost somewhere in the region of $4 million to resolve by paying the attackers), and in the Irish Health Service which has resulted in IT systems being shut down for days.<\/p>\n The success of these attacks doesn\u2019t illustrate a lack of investment in cybersecurity by boards (Gartner, for example, predicts a continuing year-on-year investment of up to 10% through 2021 and beyond) but rather an incomplete understanding of risk, a reliance on static defence (firewalls, IDS\/IPS brittle controls, AV, etc), brittle controls, and a failure to gather and utilise threat intelligence \u2013 then proactively act on it.<\/p>\n Fortunately, there are ways to rectify the situation, and SecOps teams have a key role to play in making it happen: a shift to Active Defence. It\u2019s not a new idea \u2013 even as far back as 2004, national cyber defence agencies were insisting that \u201cstatic defence is inadequate\u201d \u2013 or even necessarily novel ideas \u2013 but a combination of the post-pandemic threat landscape, the democratisation of threat as malign actors increasingly set themselves up as a kind of mirror universe cyber services provider, and the maturation of both market and technology means that it\u2019s an idea that\u2019s time, to borrow another clich\u00e9, has finally come.<\/p>\n By understanding what business services and assets are defending \u2013 and why they\u2019re critical \u2013 building a threat profile of likely attacks and attackers becomes a manageable task, and this combination of business insight and intelligence gives a baseline position from which current control and capability effectiveness can be assessed. But to effectively counter identified threats as they evolve, and avoid control drift, dynamic re-organisation of defence is critical \u2013 monitoring threat intelligence, continuous assessment of risk surfaces, and a proactive adaptation of your defence in line with your intelligence.<\/p>\n Adarma\u2019s threat intelligence experts delve into the basics of Active Defence, an overview of the important techniques of Dynamic Risk Assessment, Denying Threats, Detecting Threats, Disrupting Threats, and Deceiving Threats, and an insight into minimum capabilities and methods for utilising your existing investments in the white paper \u201cActive Defence for Security Operations Teams.<\/a>\u201d<\/strong><\/span><\/p>\n Read the whitepaper and let us know what you think \u2013 and how we can help.<\/p>\n <\/p>\n","protected":false},"excerpt":{"rendered":" It\u2019s become something of a clich\u00e9 for cybersecurity vendors and service providers to write ominously about the looming imminence of successful cyber-attacks against organisations \u2013 it\u2019s now a matter of not if, but when the phrase \u201cit\u2019s not if, but when\u201d will turn up in any given bit of marketing material! Unfortunately, this is one […]<\/p>\n","protected":false},"author":1,"featured_media":5502,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[197],"tags":[],"acf":[],"yoast_head":"\n