Cybersecurity: Take Back Control

An enterprise with a network built over time, without documentation—or even through acquisition and integration—may know less than a persistent attacker about its own network, including who has administrative privileges. STAY VIGILANT Competent network monitoring is an essential component of your organization’s cybersecurity activities. Your organization must couple such monitoring with continuous vulnerability analysis and penetration testing to answer: Is our network vulnerable, and if so, in what way? Can our network be penetrated, and if so, how? What is happening inside our network? How is the network behaving? Are excursions occurring from baseline behavior? How are we applying cybersecurity policy? What is the state of cybersecurity governance and compliance? Tools and techniques are becoming available to monitor network performance and the state of an organization’s cybersecurity policy, governance, and compliance. Knowing your network better will mean detecting and disarming your adversary before damage can be inflicted. LIMIT THE DAMAGE Networks and their associated cybersecurity architectures and programs must be resilient and monitored unfailingly. Good preparation remains key to mitigating a cyberattack: Have a security information and event management system that monitors the network. Implement good data recovery schemes, entrusted to the hands of trained and disciplined administrators. Know what information is vital, valuable, and at risk. Plan accordingly. Engage professional support for incident-response planning. Automate incident response, being sure to build good plans and automate their workflow. Join an Information Sharing and Analysis Center and stay up to date on best practices. In the event of a cyberattack, share forensics with law enforcement to discover what really happened. GET IN THE KNOW Know your own network better than your adversary. Know what information is vital and needs protection. Know about threats and best practices. Such knowledge can help your enterprise regain the intelligence advantage needed to defend itself and to take back control. A PERSISTENT CYBERATTACKER CAN BE PRESENT IN A TARGET NETWORK FOR 229 DAYS BEFORE THEY ARE DETECTED. THAT’S ENOUGH TIME TO GAIN “EXQUISITE INTELLIGENCE” ABOUT THE NETWORK. TAKE BACK CONTROL CYBERSECURITY CONNECT WITH US icfi.com For more information, visit icfi.com/cyber NETWORK MONITORING 229 Days

Upload
icf-international
Category

Business
view
149
download
1

Embed Size (px):

description

Did you know that a persistent cyberattacker is present in a target network a median number of 229 days? That’s enough time to gain “exquisite intelligence” about the network. Take back control of your cybersecurity by learning to stay vigilant, limit the damage, and get in the know with ICF’s tip sheet.

Transcript of Cybersecurity: Take Back Control

Page 1: Cybersecurity: Take Back Control

An enterprise with a network built over time, without documentation—or even through acquisition and integration—may know less than a persistent attacker about

its own network, including who has administrative privileges.

STAY VIGILANTCompetent network monitoring is an essential component of your organization’s cybersecurity activities. Your organization must couple such monitoring with continuous vulnerability analysis and penetration testing to answer:

�� Is our network vulnerable, and if so, in what way?

�� Can our network be penetrated, and if so, how?

�� What is happening inside our network?

�� How is the network behaving?

�� Are excursions occurring from baseline behavior?

�� How are we applying cybersecurity policy?

�� What is the state of cybersecurity governance and compliance?

Tools and techniques are becoming available to monitor network performance and the state of an organization’s cybersecurity policy, governance, and compliance. Knowing your network better will mean detecting and disarming your adversary before damage can be inflicted.

LIMIT THE DAMAGENetworks and their associated cybersecurity architectures and programs must be resilient and monitored unfailingly. Good preparation remains key to mitigating a cyberattack:

�� Have a security information and event management system that monitors the network.

�� Implement good data recovery schemes, entrusted to the hands of trained and disciplined administrators.

�� Know what information is vital, valuable, and at risk. Plan accordingly.

�� Engage professional support for incident-response planning.

�� Automate incident response, being sure to build good plans and automate their workflow.

�� Join an Information Sharing and Analysis Center and stay up to date on best practices.

�� In the event of a cyberattack, share forensics with law enforcement to discover what really happened.

GET IN THE KNOW�� Know your own network better than your adversary.

�� Know what information is vital and needs protection.

�� Know about threats and best practices.

Such knowledge can help your enterprise regain the intelligence advantage needed to defend itself and to take back control.

A PERSISTENT CYBERATTACKER CAN BE PRESENT IN A TARGET NETWORK FOR 229 DAYS BEFORE THEY ARE DETECTED. THAT’S ENOUGH TIME TO GAIN “EXQUISITE INTELLIGENCE” ABOUT THE NETWORK.

TAKE BACK CONTROLcybersecurity

CONNECT WITH US

icfi.comFor more information, visit icfi.com/cyber

n e t w o r k m o n i t o r i n g

229Days