Security Corner: C YBER S ITUATIONAL A WARENESS Submitted by Sovereign Grand Inspector General Roy J. Mays, 33°, Chief of Security
Effective cyber situational awareness requires both people and technology. Technology l i k e cybersecurity tools and
employees, ex-employees, and even third-party stakeholders. Equally important, it sets the stage for designing appropriate threat response and risk mitigation strategies. W HAT A RE THE K EY E LEMENTS OF C YBER S ITUATIONAL A WARENESS ? The modern cyber threat landscape is vast, complex, and constantly growing. Organizations require more than reactive cybersecurity operations and stand-alone tools for intrusion detection or endpoint protection to stay ahead of the bad guys. A lack of real-time and relevant information about threats and threat actors, and a poor understanding of your own cyber situation, can be particularly dangerous. That cyber situational awareness must be improved on three key fronts: Network Situational Awareness Once upon a time enterprise networks were much less complex than they are today. They had closely defined perimeters and on-premises systems; and didn’t have to deal with the risks created by remote workers, BYOD devices, cloud- based assets, or third-party access. All of this has now changed. Today the enterprise network no longer has a defined perimeter, and the number of threats in the network environment has exploded. To prevent these threats from damaging enterprise systems or data, comprehensive network situational awareness is crucial. It should include multiple aspects, including:
automation software allows organizations to collect, analyze, and respond to threat data. But people are also crucial because they’re the ones who use the tools, interpret the data, use tools, and make decisions to strengthen cyber defense. W HAT A RE THE B ENEFITS OF C YBER S ITUATIONAL A WARENESS ? Strengthen Cyber Defenses • Cyber situational awareness empowers organizations to understand current risks and anticipate future ones. Organizations can then design or identify the required solutions to strengthen their cybersecurity posture and improve their risk management program. Protect Organizational Assets • By anticipating future adverse events, leaders and decision-makers can develop effective countermeasures to protect themselves, their IT assets, and their customers and stakeholders from cyber-attacks such as malware and data breaches. Mitigate Human Weaknesses These figures show how humans are a critical weakness in cybersecurity: • 66% of organizations believe that insider attacks are more likely than external attacks; • 57% feel that insider incidents have become more frequent since 2020 (particularly since the onset of the pandemic); • 59% of IT leaders expect insider risks to increase over the next two years. The potential for human error is high, and these errors could lead to severe damage. To prevent such errors (or at least to catch them early) cyber situational awareness is crucial. Cyber situational awareness enables organizations to understand threats from
• Understand the structure of the network;
• Regularly inventory and continually manage all assets and configurations; • Implement robust patch and upgrade management; • Perform routine vulnerability auditing to find vulnerabilities before bad actors can exploit them; • Improve incident awareness, and share this information across the organization and with relevant stakeholders.
T HE S PRING B ULLETIN
Made with FlippingBook Digital Proposal Creator