The Five Core Components of Proactive Cybersecurity

By Special Guest
Amol Kulkarni, VP of Engineering, CrowdStrike
December 05, 2016

In 2016 the cyber landscape reached new heights with advanced attack methods, increased levels of sophistication and escalated frequency of adversary activity. As technically astute and often well-funded hackers continue to deploy new, constantly evolving techniques, organizations too often focus their efforts on detecting known threats, or Indicators of Compromise (IoCs). This reactive approach doesn't account for mutating or unknown malware, living-off-the-land techniques, or new variants being deployed.

As hackers become more innovative, so must organizations' capabilities to protect their networks, with next-generation, proactive approaches to prevention, detection and response, and remediation.

There are five core components to effective endpoint cybersecurity on all of these fronts:

  1. Proactive detection and response – As noted, security methods that focus on IoCs are no longer enough to address today's advanced threats. By the time an IoC, such as a known-malware signature or file hash, is detected, the probability that the organization has already been compromised is high, and a recompiled or repacked variant of the same tool carries no known signature at all. Instead, it's crucial for organizations to shift to proactive cybersecurity techniques focusing on Indicators of Attack (IoAs) that identify adversary behavior, such as code execution or lateral movement, regardless of which binary performs it. This enables organizations to prevent, detect and respond to both known and unknown attacks.
  2. Prevention and actionable threat intelligence – In order for cybersecurity to be effective, organizations need to understand not only where the adversary is today, but where it has been, what its objectives are and what it is capable of. By integrating threat intelligence into detection and response, organizations gain a better understanding of the risks they face and can ultimately build stronger, more resilient defenses.
  3. Machine learning – Machine learning gathers and analyzes the breadth of a business's security-related data, including threat intelligence and high-confidence indicators. With accurate data input, machine learning can identify IoAs faster, supporting threat prevention with speed and scalability.
  4. Managed hunting teams – As long as there are humans behind hacks, we must have the power of humans behind our defenses. Managed hunting teams act as human enforcers, proactively patrolling the network for any anomalies or issues. This extra layer of human protection augments and enhances automated detection capabilities.
  5. Cloud-based endpoint security – Cloud-based endpoint protection technology enables organizations to scale whenever needed and offers a unique and distinct advantage in delivering speed, efficacy and response capacity. Today, enterprises are increasingly distributed and have to manage a sprawl of endpoint devices with growing mobile workforces. To that end, many CISOs struggle to provide full security coverage to all users, all the time, whether they are on or off the network.
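To make the IoC-versus-IoA distinction in point 1 concrete, the following is an added example (not CrowdStrike's code or the author's) that runs both styles of check over constructed process-start telemetry. The hash feed, host names, process IDs and command lines are all assumptions built for the illustration. The same macro-to-lateral-movement chain runs on two hosts; on the second host the dropper has been recompiled, so its hash is not in the feed. The IoC check finds only the first host, while the two behavioural rules (an Office application spawning a script host, and remote-execution tooling aimed at another machine) fire on both.

```python
import hashlib
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class ProcessEvent:
    """One process-start record as an endpoint sensor might report it (constructed)."""
    host: str
    pid: int
    ppid: int
    image: str
    cmdline: str
    sha256: str


def file_hash(payload: bytes) -> str:
    """SHA-256 of a binary's bytes; stands in for the sensor's file-hash field."""
    return hashlib.sha256(payload).hexdigest()


# --- IoC side: a feed of known-bad file hashes (constructed for this example) ----
KNOWN_BAD_HASHES = {file_hash(b"dropper build 1")}


def ioc_matches(events, bad_hashes):
    """Classic IoC check: flag any process whose image hash is on the blocklist."""
    return [e for e in events if e.sha256 in bad_hashes]


# --- IoA side: behavioural rules over the process tree ---------------------------
OFFICE_APPS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
SCRIPT_HOSTS = {"powershell.exe", "cmd.exe", "wscript.exe", "cscript.exe", "mshta.exe"}
REMOTE_EXEC_TOOLS = {"wmic.exe", "psexec.exe"}
# wmic /node:HOST ... or psexec \\HOST ... name a remote target on the command line
REMOTE_TARGET = re.compile(r"(?i)/node:\S+|\\\\[\w.-]+")


def _name(image: str) -> str:
    """Lower-cased file name of a Windows image path."""
    return image.rsplit("\\", 1)[-1].lower()


def ioa_matches(events):
    """Flag behaviour rather than file identity: returns (rule_name, event) pairs."""
    by_key = {(e.host, e.pid): e for e in events}
    hits = []
    for e in events:
        parent = by_key.get((e.host, e.ppid))
        name = _name(e.image)
        # Rule 1 (code execution): an Office document spawning a script host
        if parent is not None and _name(parent.image) in OFFICE_APPS and name in SCRIPT_HOSTS:
            hits.append(("office-app-spawns-script-host", e))
        # Rule 2 (lateral movement): remote-execution tooling aimed at another host
        if name in REMOTE_EXEC_TOOLS and REMOTE_TARGET.search(e.cmdline):
            hits.append(("remote-execution-to-other-host", e))
    return hits


def _intrusion(host: str, base_pid: int, dropper: bytes):
    """Constructed sample: the same macro-to-lateral-movement chain on one host."""
    ps = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
    return [
        ProcessEvent(host, base_pid + 1, base_pid, r"C:\Windows\explorer.exe",
                     "explorer.exe", file_hash(b"explorer")),
        ProcessEvent(host, base_pid + 2, base_pid + 1, r"C:\Program Files\Microsoft Office\WINWORD.EXE",
                     'WINWORD.EXE /n "invoice.docm"', file_hash(b"winword")),
        ProcessEvent(host, base_pid + 3, base_pid + 2, ps,
                     "powershell.exe -nop -w hidden -enc SQBFAFgA", file_hash(b"powershell")),
        ProcessEvent(host, base_pid + 4, base_pid + 3, r"C:\Users\Public\update.exe",
                     "update.exe", file_hash(dropper)),
        ProcessEvent(host, base_pid + 5, base_pid + 3, r"C:\Windows\System32\wbem\WMIC.exe",
                     r'wmic /node:FS01 process call create "cmd.exe /c C:\Users\Public\update.exe"',
                     file_hash(b"wmic")),
    ]


# WS01 runs the dropper build already in the IoC feed; WS02 runs a recompiled build
# whose hash the feed has never seen. The behaviour on both hosts is identical.
SAMPLE_EVENTS = _intrusion("WS01", 1000, b"dropper build 1") + _intrusion("WS02", 2000, b"dropper build 2")

if __name__ == "__main__":
    print("IoC hits:", [(e.host, e.image) for e in ioc_matches(SAMPLE_EVENTS, KNOWN_BAD_HASHES)])
    for rule, e in ioa_matches(SAMPLE_EVENTS):
        print(f"IoA hit: {e.host} pid={e.pid} {rule}: {e.cmdline}")
```

The behavioural rules are deliberately written against parent/child relationships and command-line intent, not against any hash or path the attacker controls; swapping `update.exe` for a differently named or freshly compiled binary changes nothing about which rules fire. In production the same logic would be fed by the sensor's event stream and would carry additional allowlisting for legitimate administrative use of WMIC and PsExec.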

The cloud enables the collection and analysis of billions of security events in real time that sharpens machine learning algorithms, IoA-based prevention, and detection and response capabilities. Ultimately, this leads to faster, more agile and more comprehensive defenses.

In order to stay ahead of today’s skilled hackers and evolving techniques, organizations must shift their cybersecurity approach to focus on these proactive methods – from IoAs and cloud-based endpoint security to machine learning and managed hunting teams. By unifying these crucial elements, organizations will have a significant advantage over the adversaries that target them.

About the Author

Amol Kulkarni is a seasoned engineering executive with extensive experience building large-scale big data enterprise cloud platforms, consumer cloud services and enterprise products while knitting together world-class, high-performing global engineering teams. Amol is currently the Vice President of Engineering for CrowdStrike, overseeing the company's engineering organization and customer-facing technology infrastructure. Prior to joining CrowdStrike, Amol held numerous senior positions at Microsoft. Most recently, he was responsible for the knowledge platform in Bing that's driving significant gains for Bing's U.S. search market share. Amol also held senior roles in Windows Azure and BizTalk Server, helping reduce COGS and improve developer productivity.




Edited by Alicia Young
