Do you know what it takes to truly defend your cyber security? It’s more than firewalls and eight character passwords, cyber security encompasses your entire network and the only way to keep it secure is by preparing to defend it as a whole. Today, Katherine James, SVP of sales, will be presenting “Comprehensive Attack Intelligence” to a distinguished crowd at the 2nd Annual Cyber Defense Summit in Augusta, Georgia. While this is a premier event for our Federal friends, not everyone was able to make it to Augusta so instead we are doing our part to bring the summit to you. Do you have a comprehensive view of what an attacker sees when they look at your system? To understand how to defend your network, first you have to understand that anatomy of a cyber-attack. Let’s take one that most of you have heard of, the Target breach. A partner of Target’s, their HVAC provider, was breached and credentials were stolen. The attackers then used those credentials to legitimately log in through a web app, access the network, reach the POS system, and extract malware on hundreds of thousands of people to, well, let’s just say a known troublemaker. What is unique about that attack is that it’s not unique at all. A vulnerability in the HVAC company’s network allowed someone to breach Target and use stolen credentials to access critical assets. This happens every day and it happens because of a few things:
- There are over 700,000 known vulnerabilities in the world. If we just look at the high scoring CVSS scores, that’s still 93,000. If your security team were to work on just the high scoring ones every day you would need to solve 372 vulnerability patches EACH DAY.
- Then there’s the identity side. When you multiply thousands of employees with hundreds of applications, you can quickly get into the billions of access relationships that you need to manage.
We are simply overloaded with data! The problem of too much data is leaving our organizations paralyzed. We can’t protect what we can’t see and attackers are taking advantage of those limitations. What you need is a comprehensive attack strategy that will cover your entire network from vulnerabilities to access risk.
- Get your basics in order
- Assess, Analyze, and Remediate risk
- Build a Vulnerability and Access Risk Management team
- Plus- business and technical takeaways for how these strategies will help improve your team