Cybersecurity Where You Are (video)

Episode 4: Dynamics of Cyber Defense...an Ongoing, Repetitive Process



Episode Resources:

  • Blog: Assess, Remediate, and Implement with CIS SecureSuite: https://www.cisecurity.org/blog/assess-remediate-and-implement-with-cis-securesuite/
  • Free Webinar: CIS Benchmarks and CIS-CAT Pro Tool Demo: https://www.cisecurity.org/webinar/cis-benchmarks-demo/

Part 1 of a 2-part series

Technology is ever-changing and ever-evolving, creating uncertainty among cybersecurity professionals – the defenders – in their pursuit of an effective cyber defense strategy. The uncertainty of the defender can justifiably be attributed to the uncertainty of the attacker. In this week’s Cybersecurity Where You Are podcast, hosts Tony Sager and Sean Atkinson introduce cyber defense as a risk-based process to reduce the overall probability and impact that a cyber-attack will have on an organization.

Cyber defense never ends

Cyber defense refers to the ability to prevent cyber-attacks from infecting a computer system or device; it involves anticipating adversarial cyber actions and countering intrusions. There’s no “one-size-fits-all” when it comes to cyber defense protocol or strategy. However, a good cyber defense strategy should aim to protect, prevent, detect, respond to, and recover from external and internal attacks. As technology expands, the complexity of cyber-attacks also evolves, forcing cyber defense initiatives, and the defenders behind them, to do whatever they can to keep up.

OODA loop process

The OODA (Observe, Orient, Decide, Act) loop is a repetitive four-step decision-making process: gathering information, putting that information into context, making the most appropriate decision while understanding that it can change as more data becomes available, and then taking action. The OODA loop is especially applicable to cybersecurity and cyber defense, where the defender's agility and repetition can potentially overcome those of the attacker.

Fog of More

While cyber defense is an abstract model, cybersecurity defenders have to actually do concrete things. It initially comes down to having a plan in place and asking the right questions: What data do we have? Where is it? What do we do with it?

Asking the right questions (for clarity) eliminates the Fog of More (coined by Tony Sager, of all people) – the overload of defensive support (i.e., more options, more tools, more knowledge, more advice, and more requirements, but not always more security).

An effective cyber defense program requires defenders to gather information and data, put that data into context, make decisions, take action, and then REPEAT, REPEAT, REPEAT.


Cybersecurity Where You Are (video), by Center for Internet Security
