Increasing resiliency to attacks is the focus for security professionals today. Despite the fact that defenders are developing technologies and tactics that are growing in sophistication, adversaries are as well…at a more rapid pace.
Well-funded cyber-criminals use a combination of evolved technologies and tactics to evade detection. Defenders will continue to strive to block 100 percent of attacks before they occur – but, as history has proven, bad actors will infiltrate our networks. To boost resilience we need to not only try to prevent an attack, but we need to stop the exploitation of an attack, requiring that we think differently about Incident Response (IR). Instead of only a point-in-time set of steps to try to prevent malware from getting in or reimage an affected machine, IR must become a continuous process.
Leave a reply