
Cybersecurity Where You Are (audio)

Episode 4: Dynamics of Cyber Defense...an Ongoing, Repetitive Process

26 Mar 2021

Description

Episode Resources:

Blog: Assess, Remediate, and Implement with CIS SecureSuite: https://www.cisecurity.org/blog/assess-remediate-and-implement-with-cis-securesuite/

Free Webinar: CIS Benchmarks and CIS-CAT Pro Tool Demo: https://www.cisecurity.org/webinar/cis-benchmarks-demo/

Part 1 of a 2-part series

Technology is ever-changing AND ever-evolving, creating uncertainty amongst cybersecurity professionals – the defenders – in their pursuit of an effective cyber defense strategy. The uncertainty of the defender can justifiably be attributed to the uncertainty of the attacker. In this week’s Cybersecurity Where You Are podcast, hosts Tony Sager and Sean Atkinson introduce cyber defense as a risk-based process to reduce the overall probability and impact that a cyber-attack will have on an organization.

Cyber defense never ends

Cyber defense refers to the ability to prevent cyber-attacks from infecting a computer system or device; it involves anticipating adversarial cyber actions and countering intrusions. There’s no “one-size-fits-all” when it comes to cyber defense protocol or strategy. However, a good cyber defense strategy should aim to protect, prevent, detect, respond to, and recover from external and internal attacks. As technology expands, the complexity of cyber-attacks also evolves, forcing cyber defense initiatives, and the defenders behind them, to do whatever they can to keep up.

OODA loop process

The OODA (Observe, Orient, Decide, Act) loop is a repetitive four-step decision-making process that focuses on gathering information, putting that information into context, making the most appropriate decision while also understanding that changes can be made as more data becomes available, and then taking action. The OODA loop is especially applicable to cybersecurity and cyber defense, where agility and repetition (by the defender) can potentially overcome that of the attacker.

Fog of More

While cyber defense is an abstract model, cybersecurity defenders have to actually do concrete things. It initially comes down to having a plan in place and asking the right questions: What data do we have? Where is it? What do we do with it?

Asking the right questions (for clarity) eliminates the Fog of More (coined by Tony Sager, of all people) – the overload of defensive support (i.e., more options, more tools, more knowledge, more advice, and more requirements, but not always more security).

An effective cyber defense program requires defenders to gather information and data, put that data into context, make decisions, take action, and then REPEAT, REPEAT, REPEAT.
