Defending our Digital Homeland: Preventive Control Is Only The Beginning

 “We shall defend our island, whatever the cost may be, we shall fight on the beaches, we shall fight on the landing grounds, we shall fight in the fields and in the streets, we shall fight in the hills; we shall never surrender.”    – Sir Winston Churchill, June 1940

Winston Churchill understood that Threat Defense is an expansive and never ending battle.  As enterprises struggle to defend their “homeland” from insiders and creative, well-equipped cyber criminals, it can feel like a losing battle to the “Generals” – the C-Suite – and the “soldiers” – the security analysts– fighting in the trenches. 

Yet, we must keep fighting. The key is to realize there is no single battlefield, nor a single defense mechanism to protect our enterprises.  Traditional perimeter controls alone are not effective, especially now that our digital assets are virtual and mobile. A more comprehensive and enterprise-wide defensive strategy is the solution.

“. . . You ask, what is our policy? I say it is to wage war by land, sea, and air.”
We can easily translate Churchill’s policy into modern cyber warfare. “By land” equates to Logs – traditional threat monitoring and compliance, and the initial window into threats and anomalies. Your analysts must be able to collect over a wide range of protocols, and ingests logs from hundreds of event source types, including a myriad of industry-leading network and security devices, popular applications and operating systems. This window into risks and threats, which an evolved (Read more...)

*** This is a Security Bloggers Network syndicated blog from RSA Blog authored by Karl Klaessig. Read the original post at: http://www.rsa.com/en-us/blog/2018-09/defending-our-digital-homeland-preventative-control-is-only-the-beginning.html