Aggressive Cyberdefense- P@ssport Triple A-Fight back the smart way in 3 simple steps
BOXING AND AGGRESSIVE CYBERDEFENSE
I would like to start with an observation from boxing and how an ounce of aggressive cyber prevention will give you a better stand than the pounds of submissive reactive cyber deflection currently flooding the market. Effective cyber defense is more than flooding the market with submissive technology.
In this article I will match boxing to superior cyberdefense from P@ssport through Triple A strategy with thanks to the original poster Johnny N
“Defense comes before offense. If protecting yourself wasn’t important, boxing quickly becomes a “power punching competition” which we know it isn’t. Before you learn how to attack anyone, you need to learn how to defend yourself keeping your body out of harm and preserving it for future battles.”
“The first step to fighting offensively is not just a regular defense, but anAGGRESSIVE DEFENSE.
Instead of just blocking, slipping, and then running away, you should make sure to be aggressive with your defense.”
AGGRESSIVE CYBER DEFENSE
So before you buy solutions that promises to deflect a significant chunk of attacks hitting you as a customer you need to learn how to defend your company. Don’t go into the buy and build but see where your risk lay. Not only towards against cyber breaches that can do your company harm but also to take away complexity and costs that hamper your business operations going.
But also against witch craft voodoo and “magic” quadrants that position reactive leaders with not so flawless solutions being discarded with 100% security doesn’t exits ”http://www.bbc.com/news/technology-38853502.
Skills and resources needed for defending your company in a $120 billion industry that delivers reactive promises to deflect a significant chunk of attacks hitting customers . Only to find out these barriers are not stopping the onslaught of cyber attacks and thetools are under scrutiny .
While the Rootcause is simple: the datacenters use that same reactive technology defenses as many big companies to their dismay already found out (similar events)
It is no longer a question whether a major cyberbreach will strike the organization but only a question of when, how, what form it will take and who and how many will be effected.
All software is vulnerable, all people make mistakes and there are infinitive possibilities to get a negative risk scenario with huge consequences – Peter Rus
P@ssport says your company should become aggressive in your cyber defense.
So you need to filter out the complexity the alerts are giving and on the other hand the lack of “fighter pilots” that need to operate the high tech reactive cyber defense while you ask for a car driving to work. Avoid being time lapsed by confrontation by the red cyberarrows penetration teams or other stunt teamshttps://en.wikipedia.org/wiki/List_of_aerobatic_teams or “ethical hackers” that save you from known attacks till the next vulnerability as your only defense.
How does a hacker say goodbye? Till the next vulnerability
It already sparks a business on its own https://techcrunch.com/2017/02/08/hackerone-scores-40-million-investment-as-bug-bounty-programs-mainstream/ which tells us searching for vulnerabilities hunting is a business model here to stay.
Step 1 -Identify
1a.Counter
“The only way to go from defense to offense is to start COUNTERING”
The ways people make connectivity towards your network , check your providers of services. When you don’t have that start using the Triple A switchboard that provides you with this simply and secure in your current infrastructure (step 1)
1b. JAB
The JAB is the longest, fastest, and safest punch you have at your disposal so it’s easily the best method to pry your opponent’s guard open.
So go ahead, and start your offense with a J.A.B.
if you not expect them Jam them by obscuring your network .
if you do expect them Authorize them by granting them access.
if you give them access Block unauthorized traffic.
Only give them access to the asset that they need to reach in line with their role.
The first JAB is important no business with your network no access long-reach aggressive defense .
We call that cut the snake by the head not the tail.
Step 2 -MONITOR
2a. JAB-CROSS
“put some power into things”
Make sure that your sysadmins are #incontrol when how and where access is being granted with the right incident and management tools .
Don’t make that a complex scenario with loads of reactive technology that in the end needs investments to make it more secure since the foundation was not laid out righthttp://www.cityam.com/258787/uk-governments-crackdown-encryption-threatens-undermine .so human intervention is needed when things go wrong in a knee jerking way.
2b COMBINATIONS
“Sometimes your opponent’s defense fails on the first punch, other times it’s open on the 3rd punch and on”
By only giving access on a need to know basis you don’t allow the visitor to get access to the complete hinter lying network. So give only those tools needed to do the job at hand. step 2. When you don’t have that start using the Triple A switchboard that provides you with this simply and secure in your current infrastructure (step 2)
Step 3- Protect
MIXING
“All it takes to confuse your opponent and tear his defense apart is some clever MIXING”
3a MIXING. By having 4 eyes principle and the right procedures and have them tuned with the right security mechanisms you are able to build a system that can withstand the attacks, put you with the right security mechanisms #incontrol and become smart compliant to regulations like EU directives GDPR and NIS .
Reflexes
“ At this point, you’re already winning the fight and just need to protect yourself when in range by using your REFLEXES “
3b Reflexes
These are provided by keeping on top of current threat scenarios , and innovations in the market which you can add to your defense system .
Where the so called leaders might be loosing the fight by betting on offensive capabilities that are becoming so complex that siem, ai and lack of cyberskills are now a symptoms of the complex and expensive reactive firefighting tactics. So you can set any competition back and give your organization something P@ssport refers to #incontrol . When you don’t have that start using the Triple A switchboard which provides you with secure mechanisms that can be simply and securely integrated in your current infrastructure (step 3)
3c.Power
“He’s physically beaten, mentally beaten, and ready to be knocked out”
By using our Triple A switchboard you are able to have these steps already accumulated for you, no big changes needed in your infrastructure and will work with and protect your current assets like we have been doing since 2012.
You will have operational excellence and business governance over your processes and at the same time aggressive cyber defense. No need for your organization to use trial and error method but instead use a proven strategy
– the Triple A strategy.
Steps 1)Identify 2) Monitor 3) Protect that’s Important
Peter Rus
Chief Innovation Officer
A visionary that can help your business community how to set up support through working together in with operation’s based decisions regarding the kind of risks that exists and the response measures that need to be initiated for safety and security to prevent risk events and mitigate the impact if the should occur. This knowledge keeps industry, government and enterprises preventively #incontrol.
P@ssport – we offer you the controls you need to protect lives .
For more info we want to point you to our website www.cybersecurity.industries
Or contact us directly on 0031 (0)70 7370471.
