The Five Core Components of Proactive Cybersecurity

By Amol Kulkarni

In 2016 the cyber landscape reached new heights: more advanced attack methods, greater sophistication and more frequent adversary activity. As technically astute and often well-funded attackers keep deploying new, constantly evolving techniques, organizations too often focus their efforts on detecting known threats, or Indicators of Compromise (IoCs). This reactive approach does not account for mutating or previously unseen malware, living-off-the-land techniques that abuse legitimate administrative tools, or new variants of existing malware families.

As attackers become more innovative, so must organizations' capabilities to protect their networks, with next-generation, proactive approaches to prevention, detection and response, and remediation.

There are five core components to effective endpoint cybersecurity on all of these fronts:

  1. Proactive detection and response – As noted, security methods that focus on IoCs are no longer enough to address today's advanced threats. An IoC such as a known-malware hash or signature is evidence that an attack has already succeeded, so by the time one is detected the organization has very likely been compromised, and a recompiled or repacked sample produces no match at all. Instead, it is crucial for organizations to shift to proactive cybersecurity techniques focused on Indicators of Attack (IoAs), which identify adversary behavior such as suspicious code execution (an Office document launching a script interpreter, for example) or lateral movement, regardless of which binary performs it. This enables organizations to prevent, detect and respond to both known and unknown attacks.
  2. Prevention and actionable threat intelligence – For cybersecurity to be effective, organizations need to understand not only where the adversary is today, but where it has been, what its objectives are and what it is capable of. By integrating threat intelligence into detection and response, organizations gain a better understanding of the risks they face and can ultimately build stronger, more resilient defenses.
  3. Machine learning – Machine learning models are trained on the breadth of a business's security-related data, including threat intelligence and validated indicators. Given accurate input data, they can identify IoAs faster and at scale, supporting threat prevention with speed and scalability; given incomplete or noisy data, they miss or mislabel attacks, so the quality of the telemetry feeding them matters as much as the models themselves.
  4. Managed hunting teams – As long as there are humans behind attacks, there must be humans behind the defenses. Managed hunting teams proactively search the environment's telemetry for anomalies and suspicious activity that automated controls have not flagged. This extra layer of human analysis augments and enhances automated detection rather than replacing it.
  5. Cloud-based endpoint security – Cloud-based endpoint protection lets organizations scale whenever needed and offers a distinct advantage in speed, efficacy and response capacity. Enterprises today are increasingly distributed and must manage a sprawl of endpoint devices for growing mobile workforces. As a result, many CISOs struggle to provide full security coverage to all users, all the time, whether they are on or off the corporate network.

The cloud enables the collection and analysis of billions of security events in real time, which sharpens machine learning models, IoA-based prevention, and detection and response capabilities. Ultimately, this leads to faster, more agile and more comprehensive defenses.

In order to stay ahead of today’s skilled hackers and evolving techniques, organizations must shift their cybersecurity approach to focus on these proactive methods – from IoAs and cloud-based endpoint security to machine learning and managed hunting teams. By unifying these crucial elements, organizations will have a significant advantage over the adversaries that target them.

About the Author

Amol Kulkarni is a seasoned engineering executive with extensive experience building large-scale big-data enterprise cloud platforms, consumer cloud services and enterprise products while knitting together world-class, high-performing global engineering teams. Amol is currently the Vice President of Engineering for CrowdStrike, overseeing the company's engineering organization and customer-facing technology infrastructure. Prior to joining CrowdStrike, Amol held numerous senior positions at Microsoft. Most recently, he was responsible for the knowledge platform in Bing that is driving significant gains in Bing's U.S. search market share. Amol also held senior roles in Windows Azure and BizTalk Server, helping reduce COGS and improve developer productivity.




Edited by Alicia Young

