Cyber Defense eMagazine February 2021 Edition
Cyber Defense eMagazine February Edition for 2021 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, US Editor-in-Chief, Pieruligi Paganini, Co-founder & International Editor-in-Chief, Stevin Miliefsky, President and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES
Cyber Defense eMagazine February Edition for 2021 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, US Editor-in-Chief, Pieruligi Paganini, Co-founder & International Editor-in-Chief, Stevin Miliefsky, President and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Approach cybersecurity as an org-wide strategy<br />
Far too often, digital risks are treated as an IT problem rather than a business priority. Increased digital<br />
transformation means that online risks impact all business areas and have greater, longer-lasting effects<br />
on revenue and operations as a whole. According to IBM’s 2020 Cost of a Data Breach report,<br />
organizations incur $1.52M, on average, in lost revenue per breach.<br />
And these business impacts aren’t just due to increased cybercrime like phishing and ransomware—<br />
cyber-enabled threats are implicating a variety of business operations.<br />
For example, damaging viral content or misinformation, evidence of theft or internal threats, and physical<br />
security risks are all facilitated by and discoverable through online sources. This information is now<br />
valuable for cybersecurity and marketing, compliance, and physical security teams, to name a few.<br />
So how can CISOs and IT managers tackle digital risks more holistically?<br />
For one, security teams should rethink their toolkit. While threat intelligence tooling is valuable for<br />
cybersecurity personnel, security teams should consider software that is also accessible for non-technical<br />
teams like compliance who require digital risk data.<br />
Security officers must also communicate digital risks to executives and board members as business<br />
risks—how do online threats, from data disclosure to theft, translate to lost business in dollar value? This<br />
will ensure that digital risk is clearly understood through the lens of business impact and prioritized by<br />
leadership accordingly.<br />
Prioritize breadth of data<br />
As digital risk covers a greater diversity of use cases, more online spaces are relevant for detecting risk<br />
and defending your organization. Beyond standard threat intelligence sources—like technical feeds and<br />
the dark web—security teams now need to consider a broader set of sources.<br />
These could include mainstream and fringe social media sites (which tend to emerge quickly), deep web<br />
forums, and messaging apps. For example, platforms like 8kun or Telegram could host compromised<br />
information or other targeted risks, but may not be standard data sources in a security team’s toolkit.<br />
Any one of these sources is not necessarily valuable on its own. However, access to a combination of<br />
social, deep, and dark web data alongside technical cyber threat intelligence can help security teams<br />
follow breadcrumbs more comprehensively across the web.<br />
Security teams require multiple threat intelligence solutions to do their jobs effectively. But tools that<br />
prioritize data diversity (rather than focusing only on the dark web or social media, for example) can<br />
streamline toolkits, save analysts time, and provide more valuable context.<br />
Rethink how you conceptualize the internet<br />
These considerations point nicely to a third shift: integrating not only cybersecurity strategies and data<br />
sources but also our understanding of the internet.<br />
Adversaries are not segregated to distinct web spaces—and neither should threat intelligence strategies.<br />
The internet has long been conceptualized as fragmented surface, deep, and dark web networks (so<br />
<strong>Cyber</strong> <strong>Defense</strong> <strong>eMagazine</strong> – <strong>February</strong> <strong>2021</strong> <strong>Edition</strong> 85<br />
Copyright © <strong>2021</strong>, <strong>Cyber</strong> <strong>Defense</strong> Magazine. All rights reserved worldwide.