Thursday, February 20, 2014

Building Blocks For A Robust Cybersecurity Strategy

One of the unique considerations for cyber-attacks is identifying the avenues of attack. While internal employees tend to be the weakest link when it comes to targeted attacks, cyber-attackers are now also looking at the extended ecosystem of partners, contractors and supply chains for alternative avenues of attack. Additional effort needs to be made to secure, control and safely enable application access for these extended users.

Inspection and logging of all traffic also needs to extend to targeted, modern malware. The industry is moving toward piecemeal technologies that attempt to tackle this one attack component via virtual sandbox analysis. But the reality is that a robust cybersecurity strategy requires a comprehensive approach to malware, similar to the lifecycle approach an attacker takes to infecting a network. This means identifying all traffic and the ways malware tends to hide (encryption, tunnels, evasive tactics), controlling risky applications and users, and managing the unknowns, in addition to virtual sandbox analysis.

In summary, the building blocks for a robust cybersecurity strategy are not uniquely different from the security requirements for a traditional enterprise. However, in most cases, the attackers are more sinister and, more importantly, where there is an attack, the stakes and impact are much higher for all of us.