4 Steps For Proactive Cybersecurity

If not all, nongovernmental entities it's too soon to go down thepath of all-out, offensive security counterattacks. Many other securityprofessionals agree, and you can get a good summary of the academic and government researchon cyber espionage, cyber deterrence and cyber offense by reading a recent post by Dave Dittrich, a member of the HoneyNet Project:"No, Executing Offensive Actions Against Our Adversaries Really Does Have High Risk (Deal With It)."But you can do a lot more than read and hope. Here are some ways to take action now that will at least let your team start taking a more offensive security mindset.
Step 1: Do active risk analysis to know what attackers may strike at, and how.Intelligence gathering is an arduoustask for even well-funded government agencies, so it is highlyunlikely that your company can achieve the level of detail required for true cyber intelligence about attackers. Further complicating intelligence gathering is that private-sector chief information security officers don't share details of successful breaches, even thoughsuch collaboration would be critical to understanding and linking methods and attackers. But that's another article.For now, focus your effort on the intelligence gathering you do control: knowledge of your own systems, networks and business.