AppGate Blog: Software-Defined Perimeter

Written by George Wilkes on August 09, 2019

Neutralize Your Adversaries and Become a Tougher Target

Lots of time and effort have been invested in defensive and preventative solutions. But in order to have a truly successful strategy, proactive measures must also be incorporated.

Protection and defensive measures are essential when engaging in cyber warfare. However, an assured victory also requires a tough offensive strategy. Both go hand-in-hand and one without the other is not as effective. Legacy solutions have left enterprises over-exposed and prone to threats inside and outside their networks. Organizations must reclaim focus and adopt a Zero Trust approach by reducing their attack surface, securing access, and neutralizing adversaries.

Here are some ways to take the fight to your opponent and make your institution a less appealing target:  

1. Protect Your Workforce from External Threats 

Whether opponents are trying to steal credentials, gather intelligence, inject malware, or manipulate human behavior, most cyberattacks will begin with some form of phishing. At the same time, adversaries can cause damage without ever entering an organization’s network. Countless external digital elements, such as email, social media, and mobile applications, are all vulnerable to impersonation and social engineering.

A significant proportion of your attack surface relies on your end users and the actions they take. Being proactive in protecting them is critical to defending your network and data. Here is what proactive external threat mitigation looks like:

  • Gain visibility into external threats: By monitoring and analyzing millions of pieces of internet data from DNS, mobile app stores, social media, abuse boxes, and many other sources, you can discover external threats before your workforce does.
  • Automate the takedown of external threats: Advancements in Machine Learning can augment and accelerate the triage and removal of external threats – before your workforce ever encounters them.
  • Put data to work for future attack deterrence: Improve your security posture by identifying who fell victim to a given attack to facilitate immediate remediation and learn about your adversaries’ tactics.

2. Be Your Own Worst Enemy

Every organization has vulnerabilities that can be exploited; security comes from understanding what those vulnerabilities are and filling in the security gaps. By becoming your own worst enemy and simulating the most advanced attacks and data exfiltration techniques, you will be able to identify any security gaps in your infrastructure before adversaries do.

Put your infrastructure, systems, people, and processes through real-world scenarios that include advanced penetration testing, adversary simulation, and vulnerability assessments. These will provide a true reflection of your security posture against an array of opponents ranging in skills, technology, tactics, and proficiency.

Those that have red team resources and skill sets in-house must ensure that they have premier assessment tools available to emulate advanced attacks. Those that lack in-house resources should partner with adversary specialists who can augment this skill set and shed light on any vulnerabilities.

3. Don’t Bury Your Head in the Sand

Cyber resilience is about constantly being on alert and understanding that there is always a potential for adversaries to penetrate your defenses. The key is to be vigilant and proactive in seeking out threats; this requires visibility, threat analytics, and highly proficient staff.

Most organizations today are resource-constrained, making it very difficult to dedicate time to threat hunting and incident response. Consider augmenting your security posture with a highly specialized threat management and analytics team capable of:

  • Automatically detecting malicious activity by combining the latest threat intelligence sources, your organization’s data, and Deep Packet Inspection.
  • Hunting for and removing bad actors within your network and providing insights into your security posture, user behavior, and adversary tactics.
  • Rapidly responding to incidents and providing guidance to your security team for improving the post-compromise protocol.  

Adopt a Focused Approach to Zero Trust

Cybercriminals want quick and painless wins against easy victims. Become a difficult target by beating attackers at their own game using a security approach centered around Zero Trust to dramatically reduce your institution's attack surface, unify access controls, and decrease operational cost and complexity. We invite you to explore our focused approach to Zero Trust.