Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Playing cyber defense is not enough to win

Kacy Zurkus | Dec. 8, 2016
Sometimes offensive attacks are a necessary part of the game.

Because security functions in nearly equal parts proactive and active mode, the best way to minimize potential damage is by limiting the human error through security awareness

When those processes and procedures are in place, and they have an incident response plan, they can test them which will lead to important conversations. "They can talk about offensive attacks to disrupt attacks in process so that you know you are in compliance and that you have the right to do this or that," Johnson said.

The bigger challenge to winning the game is not in offense or defense as much as it is in planning. Johnson said, "If you plan for it and everyone has looked at it and signed off, you don't have to worry, but a lot of companies don't plan for it."

Because there seems to be some ambiguity in interpreting the law, aggressively responding might not be the most prudent path. Dana Simberkoff, chief compliance and risk officer at AvePoint, said that outside of attacking their attackers, there are lots of things enterprises can do to be proactive.

"Understand the data that you hold, the more valuable, the more likely you are to be attacked," Simberkoff said. Companies that collect more data than they need and keep it forever in the hopes that it will someday be useful are putting their data at greater risk.

"It's counterintuitive to best security practices. Even Snowden was not particularly creative. That should have been able to have been prevented," said Simberkoff. The mistakes aren't necessarily in the technical part of defense, but in the human errors.

"I've worked with privacy and security teams that definitely believe that responding in an aggressive way is the approach they should take, but I still feel like most vulnerabilities can be addressed by education and good policies and procedures," Simberkoff said.

That's why the teams that are topping the ratings charts in the NFL aren't the ones who are ranking first in either offense or defense. They are the ones that are holistically playing a better game. 

IDG Insider

 

Previous Page  1  2  3 

Sign up for Computerworld eNewsletters.

GCIO Forum 2017: Public-private partnerships key enabler of digital governments

Will AI kill jobs?

Is your workplace as smart as your workforce?

Estonia showcases the advantages of a digital society

TD Ameritrade accelerates innovation with agile, design thinking

Why eSIM is crucial for managing IoT

HKU and Cyberport commit to building a digital tech ecosystem in Hong Kong

Macao Water builds enterprise asset management system to improve productivity

University of the City of Manila inaugurates technology and innovation centre

Sompo Insurance Singapore's chatbot help consumers make informed buying decisions

With an eye on WCIT 2020 in Malaysia, PIKOM delegation supports global ICT gathering in Taiwan

'Let this be a warning,' says Malaysia enforcement director, seizes pirated Microsoft products

Another stride along digitisation highway for Malaysia's BP Healthcare

Enhanced security is just one reason behind refreshed mobile app, says Malaysia's Hong Leong Bank

How digitisation is helping to achieve 'Runway to Success' goals for Malaysia Airports