The Cyber Defense eMagazine August Edition for 2023
Cyber Defense eMagazine August Edition for 2023 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, Editor-in-Chief and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES
Cyber Defense eMagazine August Edition for 2023 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, Editor-in-Chief and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
1. Awareness and Monitoring - Get familiar with your attack surface and make sure you have up-todate<br />
documentation of all connected assets. Use a Security In<strong>for</strong>mation and Event Management<br />
(SIEM) baselining software, a rogue system detection device, and a vulnerability scanner to help<br />
with the identification.<br />
2. <strong>Cyber</strong>security Training - It’s crucial to ensure the IT team knows how to identify potential<br />
compromises and the knowledge to report and escalate a response when needed correctly.<br />
3. Impact Reduction - Limit sensitive in<strong>for</strong>mation and connectivity to vulnerable systems and have a<br />
well-trained Incident Response Plan (in-house or third-party) to address cyber threats.<br />
4. Vulnerability Management - A Vulnerability Management program will collect the latest threats<br />
and vulnerabilities, including threat intelligence. <strong>The</strong> data <strong>for</strong> the intelligence collection can be<br />
produced by a vulnerability scanner tailored to individual networks with a SIEM.<br />
5. Threat In<strong>for</strong>mation Sharing - Participation in threat in<strong>for</strong>mation sharing plat<strong>for</strong>ms such as the<br />
<strong>Cyber</strong>security and Industrial Security Agency’s Automated In<strong>for</strong>mation Sharing program and the<br />
<strong>Cyber</strong>security Incident Response Center’s (CIRCL) Malware In<strong>for</strong>mation Sharing Plat<strong>for</strong>m<br />
(MISP), which is also known as the Open Source Threat Intelligence Plat<strong>for</strong>m (OSTIP) is highly<br />
recommended.<br />
6. Incident Response Training -Finally, prioritized training <strong>for</strong> SOC/NOC personnel that emphasizes<br />
how to conduct the processes outlined in the Incident Response Plan is needed, along with<br />
periodic (monthly) reviews of the Vulnerability Management Plan to ensure that it accurately<br />
incorporates assets and addresses all vulnerabilities.<br />
New technologies indeed bring advancements in communication and computation. But these advanced<br />
technologies come with the warning that each newly connected device holds an additional gateway <strong>for</strong><br />
hacker entrance. Enterprises are facing new vulnerability challenges against the backdrop of inadequate<br />
IT protection.<br />
<strong>Cyber</strong>security professionals must automate network security using SIEM, rogue systems detectors, and<br />
vulnerability scanners to identify potential threats. For organizations lacking cybersecurity personnel or<br />
the necessary monitoring/analyzing tools, highly-trained, third-party cybersecurity professionals can<br />
per<strong>for</strong>m all these preventative threat measures—often at a lower cost than one highly-trained<br />
cybersecurity professional.<br />
Outsourcing cybersecurity responsibilities to a third-party security provider is similar to outsourcing data<br />
storage and processing to a cloud provider. Both bring cost, scale, and expert knowledge advantages to<br />
the table. As the border of today’s enterprise networks continues to creep beyond the confines of<br />
corporate walls, more skilled cybersecurity teams and advanced automation tools are needed to mitigate<br />
risks and diminish attack surfaces.<br />
<strong>Cyber</strong> <strong>Defense</strong> <strong>eMagazine</strong> – <strong>August</strong> <strong>2023</strong> <strong>Edition</strong> 50<br />
Copyright © <strong>2023</strong>, <strong>Cyber</strong> <strong>Defense</strong> Magazine. All rights reserved worldwide.