Evolving Against Vulnerabilities, Breaches, and The Next Cyber Attack

Authors

Nick Nikols – Principal Consulting Analyst

Gary Rowe – CEO/Principal Consulting Analyst

Abstract

No enterprise is totally immune from the escalating cyber attacks, threats, and breaches. While there is no magic bullet to fully protect an enterprise, we describe a path to help organizations proactively and systematically address vulnerabilities, breaches and to provide a viable defense against the next cyber attack.

Defending against attacks starts with understanding the anatomy of a breach by considering what is described in military parlance as a “kill chain”. This is a model to describe the stages of an attack, which also helps inform ways to prevent such attacks.   These stages are often referred to as Find, Fix, Track, Target, Engage and Assess.  The idea is that if an attack can be stopped closer to the beginning of the chain, then the better the outcome.

We use the NIST Cyber Security Framework (CSF) as a foundation for modeling security controls and to help formulate a well-structured approach to addressing these threats. The Framework Core is a set of cybersecurity activities and applicable references established through five concurrent and continuous functions—Identify, Protect, Detect, Respond and Recover—that provide a strategic view of the lifecycle of an organization’s management of cybersecurity risk.

TechVision adds a pragmatic, actionable perspective to this framework and provides a series of steps to better prepare an organization to prevent breaches, and if a breach does occur, to help limit the damages. We also list key vendors with products supporting each functional area.