The Five Core Components of Proactive Cybersecurity

By Special Guest
Amol Kulkarni, VP of Engineering, CrowdStrike
December 05, 2016

In 2016 the cyber landscape reached new heights with advanced attack methods, increased levels of sophistication and escalated frequency of adversary activity. As technically astute and often well-funded hackers continue to deploy new, constantly evolving techniques, organizations are too often focusing their efforts on detecting known threats, or Indicators of Compromise (IoC). This reactive approach doesn’t account for mutating or unknown malware, living-off-the-land techniques or new variants being deployed.

As hackers become more innovative, so must organization’s capabilities to protect their networks with next-generation, proactive approaches to prevention, detection and response, and remediation.

There are five core components to effective endpoint cybersecurity on all of these fronts:

  1. Proactive detection and response – As noted, security methods that focus on IoCs are no longer enough to address today’s advanced threats. By the time an IoC, such as a known-malware signature, is detected, the probability that the organization has been compromised is high. Instead, it’s crucial for organizations to shift to proactive cybersecurity techniques focusing on Indicators of Attack (IoAs) that identify adversary behavior, such as code execution or lateral movement. This enables organizations to prevent, detect, and respond to both known and unknown attacks.
  2. Prevention and actionable threat intelligence – In order for cybersecurity to be effective, organizations need to understand not only where the adversary is today, but where it has been, what its objectives are and what it is capable of. By integrating threat intelligence into detection and response, organizations gain a better understanding of the risks they face and can ultimately build stronger, more resilient defenses.
  3. Machine learning – Machine learning gathers and analyzes the breadth of businesses’ security-related data, including threat intelligence and reliable indicators. With accurate data input, machine learning can identify IoAs faster, supporting threat prevention with speed and scalability.
  4. Managed hunting teams – As long as there are humans behind hacks, we must have the power of humans behind our defenses. Managed hunting teams act as human enforcers, proactively patrolling the network for any anomalies or issues. This extra layer of human protection augments and enhances automated detection capabilities.
  5. Cloud-based endpoint security – Cloud-based endpoint protection technology enables organizations to scale whenever needed and offers a unique and distinct advantage in delivering speed, efficacy and response capacity. Today, enterprises are increasingly distributed and have to manage a sprawl of endpoint devices with growing mobile workforces. To that end, many CISOs struggle to provide full security coverage to all users, all the time, whether they are on or off the network.

The cloud enables the collection and analysis of billions of security events in real time that sharpens machine learning algorithms, IoA-based prevention, and detection and response capabilities. Ultimately, this leads to faster, more agile and more comprehensive defenses.

In order to stay ahead of today’s skilled hackers and evolving techniques, organizations must shift their cybersecurity approach to focus on these proactive methods – from IoAs and cloud-based endpoint security to machine learning and managed hunting teams. By unifying these crucial elements, organizations will have a significant advantage over the adversaries that target them.

About the Author

Amol Kulkarni is a seasoned engineering executive with extensive experience building large-scale big data enterprise cloud platforms, consumer cloud services and enterprise products while knitting together world class, high performing global engineering teams. Amol is currently the Vice President of Engineering for CrowdStrike, overseeing the company’s engineering organization and customer facing technology infrastructure. Prior to joining CrowdStrike, Amol held numerous senior positions at Microsoft. Most recently, he was responsible for the knowledge platform in Bing that’s driving significant gains for Bing’s U.S. search market share. Amol also held senior roles in Windows Azure and BizTalk Server, helping reduce COGs and improve developer productivity.




Edited by Alicia Young


SHARE THIS ARTICLE
Related Articles

Why Blockchain Could Be a Gamechanger

By: Paula Bernier    1/22/2018

Blockchain has become closely associated with the controversial topic of cryptocurrency. And that's fine because blockchain is an enabling technology …

Read More

Consumer Privacy in the Digital Era: Three Trends to Watch

By: Special Guest    1/18/2018

Digital advertising has exploded in recent years, with the latest eMarketer data forecasting $83 billion in revenue this year and continued growth on …

Read More

CES 2018: Terabit Fiber - Closer Than We Think

By: Doug Mohney    1/17/2018

One of the biggest challenges for 5G and last mile 10 Gig deployments is not raw data speeds, but middle mile and core networks. The wireless industry…

Read More

10 Benefits of Drone-Based Asset Inspections

By: Frank Segarra    1/15/2018

Although a new and emerging technology, (which is still evolving), in early 2018, most companies are not aware of the possible benefits they can achie…

Read More

VR Could Change Entertainment Forever

By: Special Guest    1/11/2018

VR could change everything from how we play video games to how we interact with our friends and family. VR has the power to change how we consume all …

Read More