In the military, the art of strategy is key. It teaches how to win a war through a series of battles, campaigns and tactics. In the cybersecurity world, we have been on the defensive side for as long as we can remember. We focus on frameworks and tactics such as Defense in Depth, the onion or defensive layer theory, and perimeter security. And that’s why threat actors still have control of the battlefield today. Instead, in order to become more cyber resilient, we need to take a leap into the offensive side, always thinking about our enemies’ strategies.
In “The Art of War,” Sun Tzu says “Tactics without strategy is the noise before defeat.”
Thinking only about tactics will always put you in a reactive position. So, you will always make short-term decisions based on a previous ad-hoc solution.
These short-term tactics won’t work in the long run against the changing face of cyber threats. Instead, we need to look at the bigger picture. Let’s focus on strategies that will lead to winning the war, not just a battle.
Building a Strategy for a Cyber Resilient Enterprise
Security teams are always under persistent pressure, fighting multiple battles on different front lines. These front lines are only going to get larger and more rugged in the future, especially with an increasing number of devices. After all, it’s now normal for employees to control, manage and monitor the shift into containerization, 5G networks and the use of artificial intelligence.
IBM’s 2020 Cost of a Data Breach Report reveals that, even with today’s applied controls, the average time to identify and c ..
Support the originator by clicking the read the rest link below.
