5 Recipes For How to Design a Resilient Cyber-Attack Environment

1
41

1. Focus on availability-security

Latency is a high focus for these folks.  Most just focus on confidentiality and integrity-based security models. All three aspects need to be focused on to ensure comprehensive security.

2. Understand the value & meaning of architecture as it relates to attacks

  • Placement of technology devices in the environment is key
  • Types of technologies leveraged (e.g. leveraging UDP, CDN, stateful devices, etc.)
  • Know the limitations of business-logic decisions — RFC and ISO compliancy may be, ironically, in the end a known vulnerability (e.g. leveraging RFC compliant web applications)
  • Deployment of 80% of known technical and operational controls is no longer adequate. A process must be in place to be able to technically and operationally lock down your environment during a cyber-attack 100%.
  • Not relying on a single point of security technology to do the entire job (e.g. security in-depth)
  • Use of encrypted technologies (e.g. SSL / TLS)

one padlock with electronic circuits on background, concept of computer security (3d render)

3. Focus on the visibility they can get during an attack/attack detection quality

  • Not just relying on Netflow detection, which provides blind spots
  • Heavily leveraging Challenge/Response Technology – uniquely situated to distinguish attack traffic
  • Understand the value of anomaly-detection technologies and rely on them heavily
  • Understand the value of web-application-firewall and the role it plays in an integrated security platform
  • Requiring correlated information out-of-the-box
  • Ability to inspect encrypted and encapsulated technologies (e.g. MPLS, GPRS, L2TP, GRE, etc.)

[You might also like: 5 Cyber Attack Developments Worth Your Attention]

4. Focus on real-time authentication & mitigation decisions

  • Integration of Reputational Management/Dynamic black-listing technologies
  • Heavily leveraging Challenge/Response Technology
  • Ability to coordinate fighting an attack with eco-system service providers such as Certificate Authorities (CAs), Authoritative DNS providers, Cloud Providers, etc.
  • Understanding the value of real-time signature generation for anomalistic threats

5. Understand the value of Emergency Response & Retaining Offensive Attack Capabilities

  • Establishing an internal intelligence-gathering network to understand current risks to the organization from a cyber-attack.
  • Understanding the value of placing a knowledgeable and wise human who oversees the orchestration and mitigation of cyber-attacks (e.g. Emergency Response processes).
  • Leverages and retains techniques and capabilities to actively mitigate attackers (not just absorb and defend from attacks).
  • Ability to adjust configurations and techniques during an attack in response to a changing attack landscape.
DDoS_Handbook_glow

Download Radware’s DDoS Handbook to get expert advice, actionable tools and tips to help detect and stop DDoS attacks.

Download Now

1 COMMENT

LEAVE A REPLY

Please enter your comment!
Please enter your name here