5 best practices for running a successful threat-informed defense in cybersecurity
- by nlqip
If you’ve been in cybersecurity for the past five to 10 years, you’ve probably heard the term “threat-informed defense.” Simply stated, a threat-informed defense focuses security teams, technologies, and budgets on those threats most likely to impact a particular organization, industry, geography, etc.
The concept basically aligns with the famous (and often referenced) quote from Sun Tzu: “If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.”
To put this in cybersecurity terms, security teams need to monitor the tactics, techniques, and procedures (TTPs) of their adversaries, understand how these TTPs could be prevented or detected by their security controls, and then make any adjustments necessary to cover gaps in their defenses.
Source link
lol
If you’ve been in cybersecurity for the past five to 10 years, you’ve probably heard the term “threat-informed defense.” Simply stated, a threat-informed defense focuses security teams, technologies, and budgets on those threats most likely to impact a particular organization, industry, geography, etc. The concept basically aligns with the famous (and often referenced) quote from…
Recent Posts
- Ivanti Says ‘Critical’ Cloud Gateway Vulnerability Seeing Exploitation
- Microsoft Edge will flag extensions causing performance issues
- Sophos CEO On How EDR Vendors, Microsoft Are ‘Rethinking’ Security After CrowdStrike Outage
- This Windows PowerShell Phish Has Scary Potential – Krebs on Security
- Unexplained ‘Noise Storms’ flood the Internet, puzzle experts